There has been a recent data breach at NewsgroupDirect. This is an ongoing investigation and things may change, but as of now we believe that someone unauthorized was able to gain access to our systems between May 1, 2014 and July 8, 2014 (tentative dates). We believe that only new accounts created during this time period are affected. If you paid with Worldpay then you are unaffected.
I am extremely sorry that this happened. Our mission at NewsgroupDirect is to provide the best customer service in the usenet industry, and we’ve let you down.
What You Need To Do
1. Check your credit card statement and look for any unauthorized charges. If you see anything out of the ordinary then please email us with your NewsgroupDirect username and the date that you registered for our service. This is an important part of the investigation. Remember, you are not liable for fraudulent charges on your credit card.
2. Contact your credit card company and have them revoke your existing card and issue a new one.
3. Login and change your password. We don’t have any reason to believe that passwords were compromised in any way, but it’s best to be safe.
What We Are Doing in Response
1. Most importantly, we want to make sure that our customers’ needs are met. If you need help with anything as a result of this data breach then please let me know.
2. Increased Security Measures. We believe that we have identified and fixed the vulnerability that allowed someone to gain access to our system. That’s the first step. Beyond that we will be working to strengthen all of the security measures that we have in place and implement new ones.
3. We will continue with our forensic investigation into this issue and will post a more detailed incident report here when the investigation is completed.
I deeply regret this incident and look forward to earning your trust again.
CEO / NewsgroupDirect
p.s. My personal email is [email protected] Feel free to reach out to me there with any concerns or questions.
Update – July 15
Thanks to everyone for your patience and understanding about this issue.
We have now concluded our investigation. Here’s what we’ve determined:
- The unauthorized access into our system originated on or near May 28, 2014.
- The source of the intrusion was stolen credentials from the computer of a developer that was hired (and subsequently fired) over the past couple of months. It appears that there may have been malware and/or a keylogger on his computer that led to our information and information about his personal accounts being taken.
- The attack was perpetrated by a code insertion into our signup process. This malicious code allowed card data to be harvested before it could be sent securely to our trusted 3rd party storage service.
Changes We’re Making
- We already routinely cycle all of our system passwords. We’re going to increase the frequency of this cycling.
- Over the next few days we will start using tokenization in our signup process to make sure that raw card data never reaches our servers in the first place.
- We will also be implementing new security measures for new employees to insure that their computers are free of any malware before having access to our infrastructure.
We realize this has been an inconvenience to our customers. We want to compensate the affected users as best we can. If you signed up for a new NewsgroupDirect account between May 25, 2014 and July 8, 2014, using a credit card, then you will receive the following, depending on which type of account you have.
- If you have a block usenet account you will receive a free 500 GB block.
- If you have a subscription then you will receive 2 free months.
Please allow up to 10 days for your account to be updated.
We have received an overwhelming amount of support from our customers over the past week. I want to personally thank you for being supportive, understanding, and for continuing to be the best customers in the world.
Please feel free to reach our to us if you have any questions at all.