Jump to content

Sign in to follow this  
emesbee

Security Breach at Burning Shed

Recommended Posts

Posted (edited)

Hi all, I received this rather concerning email from Burning Shed this morning (this is a screen grab of the email, so hope it is readable - just click on the message to enlarge it).

 

BShed.thumb.JPG.4ce6a3a2b93849753a2e447838b9fdaf.JPG

 

So, Burning Shed had a security breach on 18th December 2018, but did not discover it until 17th April 2020. To make matters worse, some of the stolen passwords (including mine) were allegedly decrypted by the hackers. If this is true, it doesn't say a lot for the level of security on their site.

 

Now, it did occur to me that this could be a scam message (maybe even from the hackers), but it doesn't look like it. There are no spelling errors and no embedded links, for example. I also tried logging on to their website http://burningshed.com which confirms the site has been taken offline for the 48 hour period (approx.) mentioned in the email.

 

Just for the record, I created an account with Burning Shed in September 2018 in order to make a purchase at that time. I'm not 100% sure if I've made any purchases with them since, but don't think so (would need to trawl through my email records to confirm that). I have been receiving regular newsletter emails from them since then (as one always does when one subscribes to a site). 

 

I did change my password very recently though (I'd forgotten the old one), on 18th April 2020 in order to download some free music clips mentioned in their latest email, which I did successfully. That was one day after they discovered the breach, but hadn't informed customers at that stage.

 

As far as I can tell, I have not detected any fraudulent transactions or received any suspect emails.

 

I'm just wondering if anyone else with a Burning Shed account has received a similar email?

 

 

To the moderators, please feel free to move this thread if I have put it in the wrong location.

 

 

 

 

 

 

 

 

 

 

Edited by emesbee

Share this post


Link to post
Share on other sites
5 minutes ago, emesbee said:

Hi all, I received this rather concerning email from Burning Shed this morning (this is a screen grab of the email, so hope it is readable).

 

BShed.thumb.JPG.4ce6a3a2b93849753a2e447838b9fdaf.JPG

 

So, Burning Shed had a security breach on 18th December 2018, but did not discover it until 17th April 2020. To make matters worse, some of the stolen passwords (including mine) were allegedly decrypted by the hackers. If this is true, it doesn't say a lot for the level of security on their site.

 

Now, it did occur to me that this could be a scam message (maybe even from the hackers), but it doesn't look like it. There are no spelling errors and no embedded links, for example. I also tried logging on to their website http://burningshed.com which confirms the site has been taken offline for the 48 hour period (approx.) mentioned in the email.

 

Just for the record, I created an account with Burning Shed in September 2018 in order to make a purchase at that time. I'm not 100% sure if I've made any purchases with them since, but don't think so (would need to trawl through my email records to confirm that). I have been receiving regular newsletter emails from them since then (as one always does when one subscribes to a site). 

 

I did change my password very recently though (I'd forgotten the old one), on 18th April 2020 in order to download some free music clips mentioned in their latest email, which I did successfully. That was one day after they discovered the breach, but hadn't informed customers at that stage.

 

As far as I can tell, I have not detected any fraudulent transactions or received any suspect emails.

 

I'm just wondering if anyone else with a Burning Shed account has received a similar email?

 

 

To the moderators, please feel free to move this thread if I have put it in the wrong location.

 

 

 

 

 

 

 

 

 

 

If you check on this website it will tell you whether your password has been loaded onto the web.

 

https://haveibeenpwned.com/

 

Be prepared to receive some emails with your password in the subject bar (I did) and they will request money either in bitcoin or wire transfers.  They will threaten various things, eg, hack accounts, post your details on pawn sites and other pretty vile things.

 

I would suggest change your passwords on other sites and be vigilant.

Share this post


Link to post
Share on other sites
1 hour ago, emesbee said:

Hi all, I received this rather concerning email from Burning Shed this morning (this is a screen grab of the email, so hope it is readable - just click on the message to enlarge it).

 

BShed.thumb.JPG.4ce6a3a2b93849753a2e447838b9fdaf.JPG

 

So, Burning Shed had a security breach on 18th December 2018, but did not discover it until 17th April 2020. To make matters worse, some of the stolen passwords (including mine) were allegedly decrypted by the hackers. If this is true, it doesn't say a lot for the level of security on their site.

 

Now, it did occur to me that this could be a scam message (maybe even from the hackers), but it doesn't look like it. There are no spelling errors and no embedded links, for example. I also tried logging on to their website http://burningshed.com which confirms the site has been taken offline for the 48 hour period (approx.) mentioned in the email.

 

Just for the record, I created an account with Burning Shed in September 2018 in order to make a purchase at that time. I'm not 100% sure if I've made any purchases with them since, but don't think so (would need to trawl through my email records to confirm that). I have been receiving regular newsletter emails from them since then (as one always does when one subscribes to a site). 

 

I did change my password very recently though (I'd forgotten the old one), on 18th April 2020 in order to download some free music clips mentioned in their latest email, which I did successfully. That was one day after they discovered the breach, but hadn't informed customers at that stage.

 

As far as I can tell, I have not detected any fraudulent transactions or received any suspect emails.

 

I'm just wondering if anyone else with a Burning Shed account has received a similar email?

 

 

To the moderators, please feel free to move this thread if I have put it in the wrong location.

 

 

 

 

 

 

 

 

 

 

I got an email from them last night. I also tried to get on to their website, which said it was down for 48 hours for maintenance. So far I haven't had any fraudulent activities.

Share this post


Link to post
Share on other sites
2 minutes ago, mrbuzzardstubble said:

I got an email from them last night. I also tried to get on to their website, which said it was down for 48 hours for maintenance. So far I haven't had any fraudulent activities.

Lets hope it stays that way!

 

Share this post


Link to post
Share on other sites


6 minutes ago, emesbee said:

Lets hope it stays that way!

 

I tried that link that pkay posted as well. Only takes a second or two. All clear there re email address.

Share this post


Link to post
Share on other sites

Likewise I got that email .

 

and this afternoon changed a few passwords on a few non banking websites. Pita ,but worth doing.

 

i recently got one of those half arsed hacker emails, along the lines of “ I’m a nasty hacker I know your pass word. Give me bitcoin” 

 

in effect they did have a password , but basically there wasn’t much they could do it. I simply deleted the email. 
 

a friend of mine had a password taken from an adobe hack and got a few similar emails. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Classifieds Statistics


    Currently Active Ads

    Total Sales (Since 2018)

    Total Sales Value (Last 14 Days)

    Total Ads Value (Since March 2020)
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...