Jump to content



Member Since 07 Dec 2013
Offline Last Active Aug 14 2015 04:20 PM

Topics I've Started

Customer Email Ids Data Stolen ?

09 August 2015 - 11:06 AM

We use CS-Cart 4.0.3 Pro full from last 1.5 years .

A customer who registered on 6th Aug 2015 mailed today (9th Aug 2015) that after registering on our website he started getting spam/phishing mails.

He claimed that we sold his email ID (which is surely not the case) . We require customer registration before they can see prices /order as we sell item like knives , crossbow , archery etc which should be sold to adults only and they should be membe r of sports assocition (due to local laws).

I doubt the claim as that has not happened before to any of our customer (technically speaking- no one reported/said anything like before) and we/our friends ourselves are registered on the website as customer with our private emails IDs (not free mail service but on our own private domain ) and never got spam or phishing mail.

I doubt it based on 3 points
He had a grouse that we need compulsory registration (but could not buy from us as he does not fulfill the rules)
He registered on 6th and says that he immediately got spam ("just after I registered" - sic) but mailed on 9th regarding it .
He threatened to take legal action (for a free email ID which is owned by gmail) knowing that its not possible due to regulatory reasons here) maybe a super paranoid to take pain going to that length.

I am giving this details so that you understand that it is highly unlikely that he got spam because of us.

But then a thought came my mind - maybe we were hacked ? Or our DB being stolen / accessed for email IDs ?

As an experiment we have registered new profiles on our website using some free mail service like yahoo and gmail and will check them regularly to see whether they get spam . These IDs have not been used anywhere else and created just for this - but this could take time

So is there any way to check this out - particularly for email IDs ?