EliteTrader Data Breach!!

Discussion in 'Feedback' started by Maverickz, Oct 29, 2021.

  1. Apparently ET has had a data breach. I just received a scam email on the email I used for this site. I run my own mail server and use a different email address for every single website and person I deal with. NO TWO people/companies have the same email address for me. Thus the ONLY way someone could have gotten this email address is by hacking ET servers. So either they were breached or ET is selling our info.

    The email in question came from the following address. If you get one too, please do not open or click anything in it.

    From: TurboTax Billing <admin@servicedesk.dependencetravel.com>
    Subject: Fw: Acct No.66416870 Payment
    JSOP and Leob like this.
  2. Baron

    Baron ET Founder

    It sounds like to me that the system your mail server resides on may have been hacked. We've had no other reports other than yours.
  3. Most people have no way to know where the source of the breach occurred to report it to you. They get so much spam all the time, they don't even notice a new one. The only reason I can know, is the fact that I use a different email for every site and I get zero spam because when things like this do happen, I delete the exposed email. If my server would have been hacked they would have access to all of my email addresses, not just one. Not to mention my server is non-public and only used for my personal email. It's not like Gmail or something well known that anyone would actually want to hack.

    I would suggest leaving this thread open for a bit and see if anyone else got the email in question. They can report it here. You might also want to check your logs to see if you spot anything out of the ordinary. I will dig around on my side to see what I find as well.
    DoctorProfits likes this.
  4. Overnight


    And how does that dependencetravel.com domain link back to your ET username?

    Sincerely confused,
  5. destriero


    Because he only used that email address for ET.

    • He received scam email to an email address something like: et@dependencetravel.com
    • IMO ....It's a good idea setting up an email server in such away. BUT are spam emails really that much of a problem?
  6. JSOP


    Spam email is not the point. It's the fact that our private email addresses are being exposed that's the problem. This is not just some spam emails with some annoying ads. These are phishing attempts meaning whoever or whatever sent these phishing emails want to know who we are. Tried to access the domain dependencetravel.com and was not able to reach it. Google blocked it due to security reasons so my suspicion is that it's a hacking site and it's not necessarily that ET is selling our data. If I were ET, I would check for suspicious activities and intrusion attempts on its servers and beef up its security.
  7. Overnight


    Sure, @Baron can check for "site vulnerabilities" and all sort of other bits...But in the end it doesn't amount to anything.

    So WHAT if they get your e-mail address? I have a privacy monitoring service, and I get updates a few times a year that my e-mail addy was found on the dark web, and such-and-such was the site, and blah blah blah, but it doesn't mean anything! They will never guess my e-mail password, and they will never guess the password to any site I access with said e-mail address.

    If I get an e-mail that looks suspicious, I don't click on any links in it.

    It's like fire. If it looks like it is going to hurt, don't touch it? Oy!
    Last edited: Nov 10, 2021
  8. Baron

    Baron ET Founder

    I'll pass that along to Google and Sendgrid engineers since they manage our server and email operations. But again, I'm very skeptical since only one user has reported an issue, and he just so happens to be running his own email server. If there was a legit problem on our end that affected everyone, members would be blowing up this thread all day every day.
    JSOP likes this.
  9. JSOP


    Would be interested to see what they say about the data servers since the email didn't come from ET's email server but from potential and possible hacker's domain.
    #10     Nov 11, 2021