ForumsSupport ForumData breach

2 4720
lnr1
offline
lnr1
1 posts
Nomad

When was Armor Games going to notify me of the data breach in January of this year? Seems like a pretty easy court case here if you knew and haven't notified me or any other users

  • 2 Replies
Ferret
offline
Ferret
9,323 posts
Bard

@lnr1 We've e-mailed all people involved in the breach much earlier this year. You can find more information on this here...

https://armorgames.com/page/data-breach-2019

darthsneaker
offline
darthsneaker
1 posts
Nomad

Hi armorgames security team (if there is any):
My email address was used by spammers at 07/10/2019 12:59 PM. Since then i got several more spam mails.
I created this email address specifically for armorgames and never gave it to someone else.
So i can highly assume you either have another data breach now, or - since i was not contacted yet - you did not contact me for the data breach in january i just now learned of.
I've changed my email address now to a new one, again containing a random number in the local part to make dictionary guessing of that address very unlikely, but i would highly recommend to provide at least some way of directly contacting you about abuse over regular ways like a whois abuse email (which is not available since your cloudflare &quotrotection" prevents this), an email address or at least a visible contact form on your page or anything like that. But you seem to make it hard to contact you for such cases, maybe you've already missed hints of problems with your page just because you make it too hard to contact you. Also in case of "reporting a bad ad" (which i got via email to an address i only gave you, so i assume it actually came from you) you state that "you can report this to us via the Support Forums or the Other section of our Contact Us page" where the "Contact Us page" is completely invisible to me no matter if i am logged in or not. I was not able find it even though i searched throughout all common and uncommon places for such a contact page. It seems to me that any hint in cases of abuse or data leak have to go through the forums preceeding a longer search of how to contact you and needing an account to be able to post to that forum. I suggest you should be more open for people who want to contact you for security related stuff (and actually partly do YOUR work for free by doing so), maybe that easy reachable way of contacting you alone could increase your overall security and prevent further data breaches please don't be THAT stupid to prevent people from telling you about your security problems ...
anyway either fix your processes (not contacting me about your data breach) or fix your platform security problems.

Showing 1-2 of 2