[Security Alert] GearBest Customer Details & Passwords May Have Been Hacked

20
Found 22nd Dec 2017
I've just had an urgent IT Security alert mentioning there is a strong possibility the GearBest database has been hacked, and customer details (name, address, telephone, email, passwords etc) may be compromised.

I've posted a link on Reddit which explains more about what may have happened. Some commentators have also mentioned that GearBest may be trying to suppress this information (for obvious reasons)

Usual protocol applies. Change any passwords etc as a matter of urgency, and look out for any fraudulent transactions.

Before anyone whines, I've deliberately posted this info in the general forum so most HUKD members who are GearBest customers will see it (and most won't if it's just dumped in 'Misc')

HTH

reddit.com/r/A…ds/
Community Updates
Response from GB @ 1pm UTC

Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely

Misc
Top comments
Those £7 xiaomi bands suddenly look a lot more expensive
rogparki2 h, 12 m ago

Hardly a surprise ! Yet another reason not to buy from Chinese sellers Hardly a surprise ! Yet another reason not to buy from Chinese sellers .I hope this isnt why posters (including Mods/Editors) have been reminding members to "Log on to get the discount" recently Could this be why numerous "cheap tat" deals from Gearbest and other Chinese sellers have been posted recently ? 85p for a compass and 50odd p for a head scratcher may have seemed like a "steal" to some members - And they probably were


Yes, that's exactly the reason.

Only dubious Chinese retailers are targeted by criminals.

(Sigh)

Can't you just post nonsense in BBC-related threads like our other resident grumpy old man?
Syzable39 m ago

Moved to misc as that's where it belongs. Thanks for sharing


Where no-one will see it...
20 Comments
Moved to misc as that's where it belongs. Thanks for sharing
Those £7 xiaomi bands suddenly look a lot more expensive
There is a surprise....NOT

Thanks for warning
Users are okay if they've logged on with Google+ or Facebook!
Are you safe if you paid with PayPal.
Thanks for warning
Syzable39 m ago

Moved to misc as that's where it belongs. Thanks for sharing


Where no-one will see it...
Appreciate the warning. I specifically use Paypal in case of things like this but have changed my password regardless. Cheers!
ScroopEgerton4 m ago

Where no-one will see it...


Except you A lot of people browse misc but don't take the plunge into the depths of discussion as it can be a frightening place for some. Need a hide like a Rhino in here at times haha
jadamso4 m ago

Appreciate the warning. I specifically use Paypal in case of things like …Appreciate the warning. I specifically use Paypal in case of things like this but have changed my password regardless. Cheers!


sorry, do you mean we have to change paypal passwords? thanks
Thanks, all changed .
Tried to add some info to help up the top and its not there so here it is again:

Direct from Gearbest around 1PM UTC

Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely

How many times do we need to change passwords? How do we remember them all?
Misslovely12 m ago

How many times do we need to change passwords? How do we remember them all?


Use a password manager such as Lastpass, 1Password, KeePass.
rogparki2 h, 12 m ago

Hardly a surprise ! Yet another reason not to buy from Chinese sellers Hardly a surprise ! Yet another reason not to buy from Chinese sellers .I hope this isnt why posters (including Mods/Editors) have been reminding members to "Log on to get the discount" recently Could this be why numerous "cheap tat" deals from Gearbest and other Chinese sellers have been posted recently ? 85p for a compass and 50odd p for a head scratcher may have seemed like a "steal" to some members - And they probably were


Yes, that's exactly the reason.

Only dubious Chinese retailers are targeted by criminals.

(Sigh)

Can't you just post nonsense in BBC-related threads like our other resident grumpy old man?
rogparki2 h, 23 m ago

Hardly a surprise ! Yet another reason not to buy from Chinese sellers Hardly a surprise ! Yet another reason not to buy from Chinese sellers .I hope this isnt why posters (including Mods/Editors) have been reminding members to "Log on to get the discount" recently Could this be why numerous "cheap tat" deals from Gearbest and other Chinese sellers have been posted recently ? 85p for a compass and 50odd p for a head scratcher may have seemed like a "steal" to some members - And they probably were


Hacking's not unique to Chinese sites. That's a bit like saying you don't need a firewall, anti virus, antimalware etc as long as you don't visit porn sites.
Dear Valued Customers,

We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.

However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.

We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.

If you have any queries or may need any assistance, please contact our Support Team

Yours Sincerely,

Gearbest.com

Security Update :For your safety and security we have added a new verification code system for all customers when logging into Gearbest.
Edited by: "Gearbest1" 23rd Dec 2017
bitcoin515 h, 29 m ago

Tried to add some info to help up the top and its not there so here it is …Tried to add some info to help up the top and its not there so here it is again: Direct from Gearbest around 1PM UTCDear Valued Customers,We kindly bring your attention to the fact that some unidentified hackers gained large amounts of personal data from other websites and are trying to use this data to deceptively sign into Gearbest. Immediately after identifying this irregularity, we have frozen a few hundred affected accounts and updated our IT system for suspicious IPs. The situation is completely under control.However, for your personal account security, we kindly recommend that you change your password if you feel that it is too simple (password with a combination of letters, numbers and symbols are considered to be more complex). At the same time, we also recommend that you do not use the same email address and password on different websites.We will always be 100% committed to maintain our website as a safe and reliable place for your guaranteed shopping experience.If you have any queries or may need any assistance, please contact our Support TeamYours SincerelyGearbest.com


They weren't hacked then.
Post a comment
Avatar
@
    Text

    Top Discussions