Streakwave stores your username/password credentials in plaintext. If you reset a streakwave password it sends you back your whole password's plaintext. This is a huge issue - passwords need to be stored with a one-way hash, salted.
On Wed, Apr 4, 2018 at 12:24 PM, Brett A Mansfield < [email protected]> wrote: > This is just an FYI and should not reflect poorly on the companies > mentioned. All or even none of them may have been the cause. I’m sending > this out just so people pay extra attention to their accounts and so the > companies listed can verify their security. > > I have an account/card I use ONLY for purchasing equipment. This card is > only two months old and has just been used by someone in the Czech Republic. > > The ONLY places I’ve ever used this card at are the following websites: > > Streakwave.com > Doubleradius.com > Balticnetworks.com > Flytechconputers.com > EnduranceHardware.com > Amazon.com > > All were used within the past two weeks. The fraudulent charges happened > today. I encourage all to check their accounts and website security/virus > protection. > > > Thank you, > Brett A Mansfield > >
