From: "RE: Second HACK thanks to....

10 years 8 months ago #53617 by magicstudio
From: "RE: Second HACK thanks to.... was created by magicstudio
From: "RE: Second HACK thanks to JoomDonation.com" <tuanpn@joomdonation.com>
Sent: December 3, 2014 8:38:30 AM EST

Anyone can explain this? The second email contains more personal data....

??????

10 years 8 months ago #53618 by nanosplit
Replied by nanosplit on topic From: "RE: Second HACK thanks to....
Yep, same. Although all the info he has is still useless, at least in my case...

10 years 8 months ago #53619 by tomjoomla
Replied by tomjoomla on topic From: "RE: Second HACK thanks to....
I got a second email with even more personal information, is that the way Joomdonations treat personal information you are trusted with?

Hello tomjoomla

Do you remember my last email about JoomDonation.com? It's me again :-)

JoomDonation.com lied so much about what happened in their official statement. I have all of their database in my hands. Here you have a snippet of your own data:

Username: tomjoomla
Email: XXXXXXX@gmail.com
Password Hash: XXXXXXXXXXXXXXX
Registration Date: 2010-08-26 00:15:22
Latest Order Total: 29.99
Latest Order Transaction ID: XXXXXXXXXXX
All Orders Total: 29.99

If you think your password is safe then go to www.google.com/search?q=Hashcat .

10 years 8 months ago #53620 by DaleRG
Replied by DaleRG on topic From: "RE: Second HACK thanks to....
I got two of them...

one from:
Code:
RE: Second HACK thanks to JoomDonation.com [tuanpn@joomdonation.com]

and the second one from:
Code:
RE: Second HACK thanks to JoomDonation.com [tuanpn@mail132-25.atl131.mandrillapp.com]

Both showing this information (personal info blanked out, but not in the email)
Code:
Username: DaleRG
Email: ******@**********
Password Hash: ******************************
Registration Date: 2011-02-19 16:16:02
Latest Order Total: **.**
Latest Order Transaction ID: *****************
All Orders Total: **.**
Tickets Opened: 2

Better get a little better information this time....as to what in the hell is going on....

10 years 8 months ago #53622 by magicstudio
Replied by magicstudio on topic From: "RE: Second HACK thanks to....
The same for me, it seems that the victim is JoomDonation.com. It's interesting that the email came from JoomDonation domain this time ...

10 years 8 months ago #53628 by Mtspinto
Replied by Mtspinto on topic From: "RE: Second HACK thanks to....
Hilarious...

Firstly my name / username is not "corrall"
And I registered in 2012 not "2013"

So now I know it's definite BS

10 years 8 months ago #53630 by mudmin
Replied by mudmin on topic From: "RE: Second HACK thanks to....
My registration date is dead on...I searched my gmail...so it's probably not TOTALLY bs. We also don't know how the passwords were hashed and salted so a normal hash cracker isn't going to do any good. It's not SHA1 or (thank goodness) MD5.

10 years 8 months ago #53631 by tomjoomla
Replied by tomjoomla on topic From: "RE: Second HACK thanks to....
ALL My information is correct .. so at least they got my password, username, and email... things I entrusted Joomdonations.com with.

Stop trying to make it look like it is not that serious ... THEY GOT ALL THE PERSONAL INFO WE ENTRUSTED JOOMLADONATION.COM WITH!!!!

10 years 8 months ago #53632 by mudmin
Replied by mudmin on topic From: "RE: Second HACK thanks to....
It's 10:30pm in Vietnam. I wonder if Tuan is asleep. I guess there's not much he can say. When you're pwned you're pwned.

Personally, I had a bunch of out of commission sites that used his components on my server that I just deleted. No use dealing with that junk. I do have one live site. I haven't heard of any sort of relegation on this stuff, BUT

There are sites that he's tweeting that he's saying he's owned. I'll do some research on that.

10 years 8 months ago #53633 by DaleRG
Replied by DaleRG on topic From: "RE: Second HACK thanks to....

tomjoomla wrote: ALL My information is correct .. so at least they got my password, username, and email... things I entrusted Joomdonations.com with.

Stop trying to make it look like it is not that serious ... THEY GOT ALL THE PERSONAL INFO WE ENTRUSTED JOOMLADONATION.COM WITH!!!!


This is very true indeed. This is a hassle that PITA that I do not have time for at the moment, and apparently have paid for it. There is another troublesome concern for me, that being

We have been using a VPS server to secure customers data, unfortunately, there was still security hole and the server has no Firewall software, so the hacker could get into the system and stole these information.


I would have thought that a firewall would have been paramount in their decision making process to store client data?....

It may be nothing to some, but ultimately, it is MY information, and I still like to control who lets it out and when. I did not give it to this site in order for it to be distributed freely on the net and then sloughed off. The breach before, Joomla's questioning of Edoc, and these 2 incidents today, in combination with the explanation (or lack thereof) tells me there is more going on than what has been posted....


Moderators: Tuan Pham Ngoc