It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionWARNING! MASSIVE SECURITY RISK ON GOG!(164 posts)(164 posts)
(164 posts)
Pages:
1
2
3
4
5
6
7
8
9
10
11
This is my favourite topic
Posted June 04, 2019
avatar
HunchBluntley: Read immi101's post above. He summarizes pretty well how it works.
avatar
Themken: Yes games but not use it on other online shops to buy other things. That is in practise the difference between saving it as the number visible and using the method GOG uses.

The risk is, of course, any criminals buying gift codes.
avatar
GameRager: For those with limited income it's still bad, and even for those with more income it's still not good even if it's just a few bought games.

Basically those who choose to save payment details shouldn't have that feature made into a liability due to a security loophole in the site code/etc.
I'll stick to PayPal for the time being, thanks. ;) Still GOG stores payment data (even if they don't make it accessible to someone hacking your account), and if their site is THIS insecure, perhaps it's safer that they not have my payment details.
Posted June 04, 2019
Good that I only use Paysafecards to pay online. So no stealing of my money. If someone hijacks my account and want to buy games with it, he has to pay them from his own money! :-D
Posted June 04, 2019
avatar
paladin181: I'll stick to PayPal for the time being, thanks. ;) Still GOG stores payment data (even if they don't make it accessible to someone hacking your account), and if their site is THIS insecure, perhaps it's safer that they not have my payment details.
I used to use paypal a lot but one thing I didn't like is them sharing personal info(name/etc) with those I did transactions with(along with sh*t practices like closing some people's accounts for dumb reasons).
Posted June 04, 2019
Credit cards aren't the only issue.
If someone had unused Wallet funds...
Plenty of issues with this.
Posted June 04, 2019
Thanks that GoG has removed the fair price thing, so I don`t have any money now in my GoG wallet, which one could steal!
Well, you`ll always have to see the bright side of life!!!
Posted June 04, 2019
low rated
An aside: I wish GOG STAFF would answer replies to their posts and not just ignore them while being logged in....either they have notifications and are ignoring them for the most part, or they lack such notifications on staff/blue accounts...I dunno which would be worse.
Posted June 04, 2019
low rated
avatar
Fairfox: quick, someone write like me
avatar
DadJoke007: like me
i dont know whether to laugh or cry ;P
Posted June 04, 2019
No worries.
Post edited June 05, 2019 by KiNgBrAdLeY7
Posted June 04, 2019
avatar
chandra: If you don't check the "save this card for later use", the card info is not saved. We never store card details directly in our database.

Worth noting that an option to check and remove the card number is at the top of your order history.
Well,I have reset it a couple of times and it just reverts to original setting.
Posted June 04, 2019
That is all sorts of messed up...but at the same time, I am curious about how this was even possible in the first place.
Post edited June 04, 2019 by Rosalumina
Posted June 05, 2019
low rated
Question: Why is post 51 low rated? I am asking a serious question there and trying to be civil......it was not meant to be seen as an attack on GOG/staff.

(I'm guessing it's my "fans" again doing it, or perhaps people misread my intent.)
Posted June 05, 2019
I dunno how I got logged into Skeletonbow's account but this is the shortest post ever posted in the forums from his account ever.
Post edited June 05, 2019 by skeletonbow
Posted June 05, 2019
avatar
Rosalumina: That is all sorts of messed up...but at the same time, I am curious about how this was even possible in the first place.
This is pretty much what happened to Steam on Christmas 2015: https://arstechnica.com/gaming/2015/12/valve-explains-ddos-induced-caching-problem-led-to-xmas-day-steam-data-leaks-and-downtime/

In that case, their caching servers had issues and served the wrong pages to people. It could be what happened here.
Posted June 05, 2019
low rated
avatar
chandra: This situation is currently being investigated.
avatar
fronzelneekburm: I'm eager to hear the outcome of this investigation.
"We have concluded that the issue will best be addressed by another Gwent update, and a huge fuck-off TRY GALAXY banner on top of every page."
Post edited June 05, 2019 by Breja
Posted June 05, 2019
high rated
We never store your card details directly in our database. If a card is saved, a secure, encrypted token is created for future use, therefore there is no need for us to keep the actual card details.
Pages:
1
2
3
4
5
6
7
8
9
10
11
This is my favourite topic
Community
General discussionWARNING! MASSIVE SECURITY RISK ON GOG!(164 posts)(164 posts)
(164 posts)