Jump to content

Security Breach Notice - Aztec


Recommended Posts

Just received this email from Aztec. Sharing in case you use that supplier, but dont see the emails.



An unauthorized agent has used an old/obsolete domain email account without our knowledge, If you have received any communications from a buywax.com delete them, make sure your antivirus software is up to date and run full scan for malware.


Link to comment
Share on other sites

Email Threat Information
Credit Card Threat Q & A
After getting everyone's questions and feedback I wanted to summarize what seems to be the most asked or talked about questions. This is way more detailed. We are very very sorry we are in way associated with this and have fixed the issue and will take even more precautions that something like this doesn't happen again.
Q. What is/was the threat

A. An email address we no longer used was compromised. Upon placing an order on our site an was CC'ed to this address. The hacker then had both access to send an email from this account and the customers email and was sending malware. We are only able to see the bounce back messages, but it is very clear that malware was being sent.
Q. Has this been fixed
A. Yes, we have changed the credentials for this domain and it appears to have stopped the problem although we are still closely monitoring it. Upon changing them we had an attempt to login from Korea with was declined and the hacker no longer has access
Q. What do I need to do?
A. First, do not open any emails from buywax.com. We do not use this email and especially do not click to allow a picture to be downloaded or any link. Most virus protections will run scans daily or so... most likely it has been removed already if you computer is up to date, but we do highly recommend running a full scan and making sure your virus protection is up to date.
Q. How long has this been happening?
A. For at least 6 months or so if not more. This first came to our attention in November, but it could have been before that.
Q. Why could you not find this sooner?
A. We don't use this email address and the folder of junk mail it collected was full. Not till we moved our emails to our new server that our new site will be on did we get the bounce back messages or even think to check it.
Q. Is your site secure?
A. Yes, we have had all kinds of scans run on it and daily code reviews. We have even had visa check the reports to assure all is ok. If you are still not comfortable using your CC on our site I totally understand. You are welcome to use paypal and using this method your information is never entered (except the first time) or transmitted at all.
Q. Why does the lock icon and https not appear in the URL
A. It does once you get to a page where you are transmitting sensitive information like the login screen or once you start the checkout process.
Q. What if my card was stolen after shopping in person or using paypal. 
A. This threat is only related to online purchases using credit cards. If you were hacked after paying using one of these methods it was taken a different way. I'm sure there are people who have had their information taken other ways as 46% of Americans have had their credit card information stolen in the past 5 years.
Q. Why does it seem like this is happening more and more frequently
A. Basically because it works. Programs that are designed to record you key strokes are very effective as there is no encryption to break. All they have to do is get you to click a link, click to allow a photo, download a file, connect to a hotspot... and they see everything you type
Q. Can you not do something more about this?
A. We have been trying our best to find the problem. Had several different firms scan the site and install everything possible to make the site the most secure and up to date that is available. Upon not being able to find anything we started the process of completely ditching the old site and starting new. This is a fairly long process as our site is a little more complicated than some and hope to have the new site done in June of this year. The new site is being built by a new company with all US employees paid very well, on a new server (Nexcess.net) that should be much faster than the current Amazon server it is hosted on, and a new process if at all possible. (we haven't gotten to this point yet, but that is the plan). The new site should be much more mobile friendly, user friendly, quicker, and offer more features to make shopping, better, faster, and easier.
Again we a very sorry that we had any part in this! I wish we would have been able to find the problem when first mentioned, but we were just looking in the wrong place. We greatly value all our loyal customers and please use paypal if you still do not trust we have fixed the problem until the new site is finished.
1-800-369-5357 | Fax 615-538-2062 | Email | Website
Like us on Facebook
Follow us on Twitter
Find us on Pinterest
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...