Heritage Auctions followup Oct. 21 (official)
swhuck
Posts: 546 ✭✭✭
Our Email and phone systems are fully operational, and we expect the website to be up soon.
We have confirmed that we were the victim of a malware attack. We have no evidence and no reason to believe that there was any unauthorized acquisition of any client or company data. Additionally, client financial information such as credit card numbers and bank account information is maintained and secured by the payment provider. Further, all HA.com passwords are encrypted.
All currently affected auctions will be extended or rescheduled, with revised schedules posted once HA.com returns to service.
Sincerely,
Stewart Huckaby
mailto:stewarth@HA.com
------------------------------------------
Heritage Auctions
Heritage Auctions
2801 W. Airport Freeway
Dallas, Texas 75261
Phone: 1-800-US-COINS, x1355
Heritage Auctions
Stewart Huckaby
mailto:stewarth@HA.com
------------------------------------------
Heritage Auctions
Heritage Auctions
2801 W. Airport Freeway
Dallas, Texas 75261
Phone: 1-800-US-COINS, x1355
Heritage Auctions
Tagged:
6
Comments
This reads as though it is the best case scenario to an awful situation. I hope you are successful and also hope no one has their information compromised.
In honor of the memory of Cpl. Michael E. Thompson
I look forward to lustily bidding soon
Thanks for keeping us informed!
Latin American Collection
Good news. Looking forward to the next coin auction.
Thanks for keeping us posted.
Keeper of the VAM Catalog • Professional Coin Imaging • Prime Number Set • World Coins in Early America • British Trade Dollars • Variety Attribution
Excellent news to what could have been disastrous. Thanks for the update!
Having “no evidence” does not mean nothing was stolen. Until we get an answer as to what type of attack it’s always safe to assume your information was stolen. This wasn’t done for fun.
My Type Set & My Complete Proof Nickel Set!
The fact that whatever it was crashed out the site/database is actually a sign that the goal might not have been stealing data. Data thefts are generally done as quietly as possible, for obvious reasons. That’s why so many companies end up saying “we just realized someone breached our servers two years ago...”
I won a coin on Friday. I wonder if I'm still the winner?
Our Email and phone systems are fully operational, and we expect the website to be up soon --- October 21, 2019 6:21PM.
please define"up soon" as used in the OP. we are now in Day 5 and this seems pretty serious. my thoughts are that the entire problem is being minimized by Heritage for obvious reasons. perhaps there should be something in place for customers to disable/delete there current account and start fresh.
Changing passwords when they come back should be sufficient. As long as the financial information was, as they say, on a separate site, there really shouldn't be a problem.
I'd rather they take their time conducting a thorough root cause analysis, be rigorous about fixing it, and carry out thorough testing, including scheduling "ethical hacking," than hurry something along. Whenever they say that everything is fine, they have to be right.
Keeper of the VAM Catalog • Professional Coin Imaging • Prime Number Set • World Coins in Early America • British Trade Dollars • Variety Attribution
John, didn't they sort of say that with the OP??
Sort of. They said what happened, but didn't disclose how it happened and why it wasn't prevented, nor would I expect them to in this case.
Keeper of the VAM Catalog • Professional Coin Imaging • Prime Number Set • World Coins in Early America • British Trade Dollars • Variety Attribution
Hummmm, interesting that I got a email from Heritage on October 2nd stating that the credit card I had on file was expiring 11/1/2019. It's a credit card I no longer use and it was cancelled about a year ago so I ignored the message figuring I would use a new card on my next purchase. I wonder if that email had anything to do with the attack.
it's crackers to slip a rozzer the dropsy in snide
Did a double take and had to wonder why? (about the phone)
Then realization hit! Internet phone.
Checking my ol’ fashioned landline.
Still got a dial tone.
Let us know
Well, insn't that special !
Thank You, for the update.
I was just worried about your PR, which seems to be in order.
But what do I know. Cool .
Heritage website back online. I'm still the winner of the coin. Just waiting for the invoice.