Hi all
Thank you to everyone that has contacted us on forums, Facebook etc in relation to these unauthorised emails over the last couple of days. As you've rightly guessed a few of our email accounts were hacked over the weekend – please be assured that these accounts have now been secured and we're sorry for the concerns and worry that the hack may have caused. Our website is not linked to this and has not been compromised at all - all information stored remains 100% secured and protected.
If anyone has any further concerns or questions about the emails, please do get in touch (https://www.timespace.com/pages/contact-us). Our website live chat facility is also available for a more immediate response.
Kind regards
Time+Space
Time Space Email Virus Warning
-
- KVRist
- 46 posts since 7 Apr, 2008
-
- KVRian
- 1209 posts since 18 Dec, 2007
I'm sorry but no, that's not good enough. It's your responsibility to email each and every one of your customers IMMEDIATELY, and you still haven't a day or two later. I don't care if it was the weekend or you were out drinking during the bank holiday, this is serious and you run a business.Time+Space wrote:Hi all
Thank you to everyone that has contacted us on forums, Facebook etc in relation to these unauthorised emails over the last couple of days. As you've rightly guessed a few of our email accounts were hacked over the weekend – please be assured that these accounts have now been secured and we're sorry for the concerns and worry that the hack may have caused. Our website is not linked to this and has not been compromised at all - all information stored remains 100% secured and protected.
If anyone has any further concerns or questions about the emails, please do get in touch (https://www.timespace.com/pages/contact-us). Our website live chat facility is also available for a more immediate response.
Kind regards
Time+Space
Now you need to give us more information. I, along with lots of other people opened the word doc, and we need to know what was contained in it and what OS platforms may have been infected, and how we remedy this.
I'm seriously blown away by your 'it wasn't me' attitude with this. I've spent thousands with you over the years and at the moment, I'll not touch you again.
-
- KVRist
- 46 posts since 7 Apr, 2008
Hi m-ac,
We are currently compiling the list of customer emails that were sent the unauthorised emails and as soon as this has been done they will be emailed with more information and advice. Please be assured, most of the team are working on this as I write - it is absolutely being taken seriously.
Time+Space
We are currently compiling the list of customer emails that were sent the unauthorised emails and as soon as this has been done they will be emailed with more information and advice. Please be assured, most of the team are working on this as I write - it is absolutely being taken seriously.
Time+Space
-
- KVRian
- 1201 posts since 25 Sep, 2002
I received this email & it contained details of an order I placed from last year so it appeared legit. Luckily, windows security centre flagged the Trojan so I didn't open the document.
I tried contacting T&S via their chat & email but no reply on the issue so far, I'm sure they will be swamped with queries!
Thanks for posting details here, if the OS hadn't picked it up I would definitely have opened the document as the rest of the email looked so legit!!
Hopefully a more detailed response from T&S to its customers will soon follow!
I tried contacting T&S via their chat & email but no reply on the issue so far, I'm sure they will be swamped with queries!
Thanks for posting details here, if the OS hadn't picked it up I would definitely have opened the document as the rest of the email looked so legit!!
Hopefully a more detailed response from T&S to its customers will soon follow!
-
- KVRian
- 1209 posts since 18 Dec, 2007
So another day goes by and you do absolutely nothing, still? No emails to your customers who have been affected by your issue, no advice, nothing. Are you pretending this didn't happen?Time+Space wrote:Hi m-ac,
We are currently compiling the list of customer emails that were sent the unauthorised emails and as soon as this has been done they will be emailed with more information and advice. Please be assured, most of the team are working on this as I write - it is absolutely being taken seriously.
Time+Space
-
- KVRAF
- 3389 posts since 7 Aug, 2008
I got a notification email form them yesterday about it, so yes, they have done something.m-ac wrote:So another day goes by and you do absolutely nothing, still? No emails to your customers who have been affected by your issue, no advice, nothing. Are you pretending this didn't happen?Time+Space wrote:Hi m-ac,
We are currently compiling the list of customer emails that were sent the unauthorised emails and as soon as this has been done they will be emailed with more information and advice. Please be assured, most of the team are working on this as I write - it is absolutely being taken seriously.
Time+Space
Edit: I'm not saying that is sufficient, but saying they have at least acknowledged it to customers.
-
- KVRAF
- 1662 posts since 13 Jan, 2014
I am afraid its getting worse (Time and Space already informed and they will sent out another email):
Today I wanted to respond to another Time and Space support email and the outgoing email was blocked. Then I get an email from my emailprovider telling me my adress has been blocked cause there has been attempts to hack my account and that I have to change my password.
I would recommend evrybody who got that email to do the same immediately. I dont think this has directly todo with the Trojan (if you have opened the word document or not) but just with the infos they got from hacking the Time and Space emailserver. But I am no expert on this.
Today I wanted to respond to another Time and Space support email and the outgoing email was blocked. Then I get an email from my emailprovider telling me my adress has been blocked cause there has been attempts to hack my account and that I have to change my password.
I would recommend evrybody who got that email to do the same immediately. I dont think this has directly todo with the Trojan (if you have opened the word document or not) but just with the infos they got from hacking the Time and Space emailserver. But I am no expert on this.
-
- KVRAF
- 2726 posts since 2 Jun, 2016
Sounds like a flipping nightmare for everyone, customers and Time+Space.
Luckily, despite being a customer of T+S for about 10 years, I didn't get any dodgy email (and I'll just delete it if I do now).
Luckily, despite being a customer of T+S for about 10 years, I didn't get any dodgy email (and I'll just delete it if I do now).
-
- KVRist
- 176 posts since 9 Aug, 2017
I didn't get an email too. But data leakage is a serious signal to take measures.
I wasn't able to find a "secret" place where I could change the password. I used "Forgot my password" to reset the existing one.
Also, they have all our sensitive data: Address, full name, phone number... I deleted almost all. Why I have to fill this info during placing the order if I prefer PayPal as a payment method?
I wasn't able to find a "secret" place where I could change the password. I used "Forgot my password" to reset the existing one.
Also, they have all our sensitive data: Address, full name, phone number... I deleted almost all. Why I have to fill this info during placing the order if I prefer PayPal as a payment method?
-
- KVRist
- 158 posts since 29 Sep, 2015
TimeSpace delivers software serials by email. are they guarenteeing those werent siphoned out during the breach?
-
- KVRist
- 46 posts since 7 Apr, 2008
Thanks for all the posts and messages we have received, they have been invaluable in helping us identify the size and nature of this security breach. Time+Space has been in business for over 20 years, we've always taken security very seriously and never experienced anything like this before.
We 100% appreciate this is a very serious issue and once we were alerted to what had occurred, we took the following steps as soon as possible;
- All Time+Space e-mail accounts were secured so no further unauthorised access could take place
- We sought professional advice and as a result, we implemented further security measures
- We contacted and alerted all customers that we believe could have been at risk of receiving an unauthorised e-mail from us with more information, most importantly to not open any attachments and if an attachment has been opened, to run anti-virus software ASAP
We are now commissioning a complete cyber-security review from an external agency encompassing all our digital systems.
In relation to serial numbers and the Time+Space website, our e-mails are handled completely separately, and any data held online remains 100% safe and secure. This includes personal customer data and serial numbers so there is absolutely nothing to worry about on that front.
We will send out a second advisory e-mail today to anyone that could have been affected with a complete report and further instructions that we have just received from cyber-security experts.
If you received an unauthorised e-mail from Time+Space but no subsequent e-mail with our advice, please contact us and we’ll be in touch ASAP - https://www.timespace.com/pages/contact-us
We really appreciate your patience and understanding, this incident is deeply frustrating and we unreservedly apologise for any inconvenience that has been caused.
Best Regards
Time+Space
We 100% appreciate this is a very serious issue and once we were alerted to what had occurred, we took the following steps as soon as possible;
- All Time+Space e-mail accounts were secured so no further unauthorised access could take place
- We sought professional advice and as a result, we implemented further security measures
- We contacted and alerted all customers that we believe could have been at risk of receiving an unauthorised e-mail from us with more information, most importantly to not open any attachments and if an attachment has been opened, to run anti-virus software ASAP
We are now commissioning a complete cyber-security review from an external agency encompassing all our digital systems.
In relation to serial numbers and the Time+Space website, our e-mails are handled completely separately, and any data held online remains 100% safe and secure. This includes personal customer data and serial numbers so there is absolutely nothing to worry about on that front.
We will send out a second advisory e-mail today to anyone that could have been affected with a complete report and further instructions that we have just received from cyber-security experts.
If you received an unauthorised e-mail from Time+Space but no subsequent e-mail with our advice, please contact us and we’ll be in touch ASAP - https://www.timespace.com/pages/contact-us
We really appreciate your patience and understanding, this incident is deeply frustrating and we unreservedly apologise for any inconvenience that has been caused.
Best Regards
Time+Space
-
- KVRAF
- 3374 posts since 2 Oct, 2004
So its obvious that email contact information has been leaked to these malicious hackers. Its also possible that they may have siphoned off some other personal information and or payment info using details?
Orion Platinum, Muzys 2
-
- KVRist
- 246 posts since 20 Jul, 2015
You didn't contact me with an alert email and I got the trojan email. But I never contacted t&s to say I got one. I'm just wondering if you actually know the true scale of the hacking given that you somehow missed my account as being one of the compromised.Time+Space wrote: - We contacted and alerted all customers that we believe could have been at risk of receiving an unauthorised e-mail from us with more information, most importantly to not open any attachments and if an attachment has been opened, to run anti-virus software ASAP