KVR Audio

rasmusklump · Post by **rasmusklump** » Sat Oct 03, 2020 7:04 pm

Watching all of this over the last months I have to say that this is the most unprofessional handling of a shop with customers data I have ever experienced

El°HYM · Post by **El°HYM** » Sat Oct 03, 2020 7:05 pm

I also hope its still fine somehow in the end. Actually, just ordered something like 2 Days ago.

Hadrondrift · Post by **Hadrondrift** » Sat Oct 03, 2020 7:16 pm

I am too redirected to a Chinese sales platform...

vskunk · Post by **vskunk** » Sat Oct 03, 2020 7:36 pm

rasmusklump wrote: Sat Oct 03, 2020 7:04 pm Watching all of this over the last months I have to say that this is the most unprofessional handling of a shop with customers data I have ever experienced

i am a customer of jrrshop since a long long time, uncle E have always been professiona and responsive, the technical problem they have are the 1 since i made my first buy.jrrshop is not a buggy shop.all these technical trouble will not make me stop me to purchase plugin from them.

Uncle E · Post by **Uncle E** » Sat Oct 03, 2020 7:36 pm

rasmusklump wrote: Sat Oct 03, 2020 6:59 pm I wish I had never bought there anything. I suppose my credit card details are now all over the net

We never collect or store any credit card information. Even in the past when we accepted direct credit card payments, you were redirected directly to the credit card processor's interface and your information never touched our site. This is also true for PayPal payments, by the time you enter any passwords or payment information, you are completely inside of PayPal and none of your information is being communicated in any way to our site.

I have shut our site down until we get this fixed.

vskunk · Post by **vskunk** » Sat Oct 03, 2020 7:38 pm

Uncle E wrote: Sat Oct 03, 2020 7:36 pm
rasmusklump wrote: Sat Oct 03, 2020 6:59 pm I wish I had never bought there anything. I suppose my credit card details are now all over the net
We never collect or store any credit card information. Even in the past when we accepted direct credit card payments, you were redirected directly to the credit card processor's interface and your information never touched our site. This is also true for PayPal payments, by the time you enter any passwords or payment information, you are completely inside of PayPal and none of your information is being communicated in any way to our site.

I have shut our site down until we get this fixed.

good luck.

4damind · Post by **4damind** » Sat Oct 03, 2020 7:55 pm

If I try to open a subpage, there is no redirection. So it seems someone has modified the index page (with added Javascript).

There are always idiots who seem to have fun testing random passwords on the root account via SSH and try to get access to the server via SSH to install spam...
(therefore it is strongly recommended to use key files and disable SSH root access).
But maybe it's something completely different with the shop system or a customized CMS.

By the way, there is hardly anybody who takes over the payment processing completely by himself. Most shops use payment providers, in the simplest case Paypal. So the data is not on the server, but is handled by the external provider... everything should be secure and there are no credit card data on the server

claudedefaren · Post by **claudedefaren** » Sat Oct 03, 2020 8:15 pm

jochicago · Post by **jochicago** » Sun Oct 04, 2020 12:06 am

For everyone: always buy things via Paypal or another third party payment handling account. That way your payment info is not shared with the website, which means you are safer and the website is also safer because there's less incentive for hackers to hack a website that wouldn't have people's payment information.

If you used Paypal to buy from the JRR website, then your credit card info was never stored in the JRR website.

Teksonik · Post by **Teksonik** » Sun Oct 04, 2020 12:20 am

jochicago wrote: Sun Oct 04, 2020 12:06 am If you used Paypal to buy from the JRR website, then your credit card info was never stored in the JRR website.

Uncle E wrote: Sat Oct 03, 2020 7:36 pm We never collect or store any credit card information. Even in the past when we accepted direct credit card payments, you were redirected directly to the credit card processor's interface and your information never touched our site. This is also true for PayPal payments, by the time you enter any passwords or payment information, you are completely inside of PayPal and none of your information is being communicated in any way to our site.

Ok let's cut Uncle E some slack. He's always been a solid contributor here and JRR Shop has always been a safe place to shop.

I think he's the victim and not the bad guy in this whole story. Let's keep cool and see what happens going forward.

chk071 · Post by **chk071** » Sun Oct 04, 2020 12:38 am

jochicago wrote: Sun Oct 04, 2020 12:06 am For everyone: always buy things via Paypal or another third party payment handling account. That way your payment info is not shared with the website, which means you are safer and the website is also safer because there's less incentive for hackers to hack a website that wouldn't have people's payment information.

If you used Paypal to buy from the JRR website, then your credit card info was never stored in the JRR website.

I think the same holds true for about every third party payment service out there.

A problematic thing is when you "save your payment info in your account". Which means that you authorize a online store to use Paypal without having to authorize the payment with your Paypal login credential. I'd really not recommend doing that, because, if someone takes over your account on the store site, they can buy stuff with it. But, as far as I can see, JRR Shop doesn't allow that anyway.

husker37 · Post by **husker37** » Sun Oct 04, 2020 12:48 am

Its not just payment information, but personal information (names, addresses, phones, etc) as well. Agree that he is a nice guy, but no way I'm ever buying from JRRShop again.

mgw38 · Post by **mgw38** » Sun Oct 04, 2020 12:57 am

husker37 wrote: Sun Oct 04, 2020 12:48 am Its not just payment information, but personal information (names, addresses, phones, etc) as well. Agree that he is a nice guy, but no way I'm ever buying from JRRShop again.

If I would stop buying from companies who lost my personal information, I would have to start raising my own chicken and sew my own shirts. This is the world we live in.

husker37 · Post by **husker37** » Sun Oct 04, 2020 1:02 am

mgw38 wrote: Sun Oct 04, 2020 12:57 am
husker37 wrote: Sun Oct 04, 2020 12:48 am Its not just payment information, but personal information (names, addresses, phones, etc) as well. Agree that he is a nice guy, but no way I'm ever buying from JRRShop again.
If I would stop buying from companies who lost my personal information, I would have to start raising my own chicken and sew my own shirts. This is the world we live in.

Agree, it is the world we live in. But JRRShop has been up and down for a couple of years - he's had plenty of opportunities to make corrections. So no excuse in my book. Too many other options these days who don't have these issues.

Uncle E · Post by **Uncle E** » Sun Oct 04, 2020 5:08 am

husker37 wrote: Sun Oct 04, 2020 12:48 am Its not just payment information, but personal information (names, addresses, phones, etc) as well. Agree that he is a nice guy, but no way I'm ever buying from JRRShop again.

Please try back when we launch the new site. It should be up next month.

JRR shop info etc