EMAIL : Access to Your CS-Cart Help Desk Account Has Been Restricted

I recieved this email today .



is this real ?



or a scam ?




[quote]You have received this message, because you are a registered CS-Cart Help Desk user.



Please carefully read this message, it contains important information regarding your CS-Cart Help Desk account security!



We are informing you that CS-Cart Help Desk system has been recently attacked.



The attack has been successfully reflected, and the vulnerability has been immediately closed, but some accounts still may be at risk of unauthorized access.



To guarantee the security of your CS-Cart Help Desk account, we have temporarily restricted the access to it.



In order to unlock the access to your account, reset your password and create a new one (it must differ from the one you used before) by following this link:



Recover password -



Thank you!



Best regards,

CS-Cart team[/quote]

Well

I did not try the link but went straight to the help desk and was not able to log in. I tried the forget password option, which I is the same as the link given in the email. There system has not sent a email to me in the last 10 minutes.

So I'm guessing that it is for real and maybe there password recover tool is really bogged down.



UPDATE: it took about 15 minutes for password recover to send email





Dave

I have received the same e-mail too.

me to 5 min a go

Get the same mail to.

Would appreciate some official input on this.

Hello,



Yes, this is an official statement, and this is an official broadcast to all registered Help Desk users.



Please follow the instructions in the e-mail and reset your password.



Thanks.

This is real. I STRONGLY recommend to change your credentials (ftp, admin, etc) if you had these stored in the helpdesk system, because hackers having these, that could get really ugly!

Thank you for confirming that.

Can CS-Cart offer any insight into exactly what data has been compromised? Obviously I suggest changing ALL login credentials which have ever been stored in the Help Desk - Cart Login, FTP Login, etc. Would just like to know potentially what data the hackers have obtained.

thanks for the info

[quote name='StellarBytes' timestamp='1363895366' post='158414']

Can CS-Cart offer any insight into exactly what data has been compromised? Obviously I suggest changing ALL login credentials which have ever been stored in the Help Desk - Cart Login, FTP Login, etc. Would just like to know potentially what data the hackers have obtained.

[/quote]



that's why the timebomb is an excellent idea - posted heaps of projects and while logging in, can verify that there is no server credentials listed.

[quote name='StellarBytes' timestamp='1363895366' post='158414']

Can CS-Cart offer any insight into exactly what data has been compromised? Obviously I suggest changing ALL login credentials which have ever been stored in the Help Desk - Cart Login, FTP Login, etc. Would just like to know potentially what data the hackers have obtained.

[/quote]



I asked cs-cart the same thing. Only credentials stored (and thus not destroyed yet by the timebomb) during the hack can be compromised.