Read the 2 threads on this, more people are getting it from PTR associated emails than CR.

http://forumserver.twoplustwo.com/28...tolen-1035705/

I have received the 'Gambler X' emails too, although now they seem to have stopped. I've never signed up for any Cardrunners but have PTR basic.

Presumably, getting spammed doesn't neccesarily prove passwords have been compromised, just user email details? It would be helpful if PTR would confirm if account details have been hacked and what info has been revealed.

FYP

I have different emails for CR and PTR. The PTR email got the gambler spam, CR one didn't.

PTR sent a mass email about it. So yes PTR was hacked.

Blah blah blah.

1. Which encryption method for the password tables?
2. Were email and IP addresses stored as plain text? If so, for which period of time?

+1

I have a different email for PTR and just seen that it's been gambler spammed also.

Getting a ton of spam from GamblerX so changed all passwords just to be safe. As I was at it I changed all email passwords and master passwords. LastPass was in trouble last week and had to change passwords there too.

Using Lastpass is handy but also dangerous imo and judging by last week nobody is safe on da interweb anymore.

This site is probably a big target too I guess?

It's weird, myself and 2 friends all have accounts on both CR and PTR and none of us have any spam at all. Maybe because we're from the UK? Just seems weird...

Nothing to do with region I'd say. Im from Ireland and got spam sent to 3/4 acc's. I use gmail and all of it was filtered to the spam folder so I found it in there. One of my email acc's had ~50 spam from gamblerX

Yeah we've all checked our spam, nothing is in there. Maybe it's still to come...

Maybe they didnt get around to you yet lol. Got an email from PTR this morning asking that I change my passwords. You should probably change yours just to be safe.

Lastpass was fine once you followed advice about having a good master password and even safer if you had a Ubikey.

It is certainly much safer than remembering passwords for each site. Also their security breach showed that even if the PW were taken it was still safe.

Google Chrome is flagging the renewal page as non-secure (on Cardrunners). Need to renew in the next 3 days, any idea on if/when it's safe to do so?

Might as well go with bluefirepoker

I am no longer getting the Gambler emails... they started on Tuesday and ended on Thursday.

I did sorta the same thing with my Yahoo account ages ago since no gaming company I'm associated with would use terms like "gamble" "gambler" "casino" "slots" etc etc... Not just to filter to a spam folder, but they are instantly sent to the trash. I just looked through my spam folder and I don't see any of the "gambler xxxx" spam emails, and nothing with attachments. I had a CR account from ages ago that I have never really used, but do have an active PTR account.

While I'm not getting spam, I did change my PW for all important sites since had I changed them all to the same thing when my drug use kept me from remembering anything complicated. Before that I'd used absurdly complex passwords, then one day I ended up washing jeans with my last password list in the pocket...

So basically... Use strong passwords and don't use the same one twice for any account that could give a hacker access to more important info (that includes being connected to the email address you use for poker or banking). Also, don't do stupid amounts of drugs.

Should be no problems here but I will check to make sure.

I got this too. The unsubscribe addy and domains names don't match PTR though....phishing?.

Just make sure you are viewing the page with "https" instead of "http" -- we haven't heard of any issues with this but check on that and you should be fine.

it says https but it's crossed out

chrome's explanation for the crossing out is here

http://www.google.com/support/chrome...95617&hl=en-US

Very poor response from PTR. They took forever to say anything, and they haven't clarified what information was compromised.

No, that's just because they're lazy, greedy and possibly handling customer data with no regard to security/privacy at all.

You can use the link to unsubscribe.

They're basically pulling an Sebok on us.

Acting as white knight to go trough the swamps of corruption in this industry while only trying to make profit for them selves.

Looks like the Gambler email spam has stopped? Was getting several a day, haven't got one since a few days ago now? Anyone else?