DDD, DDCD, Digital Eyes, and DVDPlanet are all apparently owned by Infinity Resources--all this is from searching DVD Talk. I called this number below and they closed at 3 CST and won't open until Monday (if they do--it is a holiday in some places). I take it some of you were able to talk to csr's? I am too chicken to go to the site but thought I would pass this info on since I remembered this from the past. Also tried to get an operator on this number but no luck.

Deke Rivers wrote this about a year ago for the bricks and mortar store:
"Its called Music Movies and More
900 North Rohlwing Road
Itasca IL

(630)-775-3300 x5175
Its between Thorndale and Irving on Rohlwing
West side of Rohlwing"

No one knows for sure that only recently logged on accounts are being exposed. That was pure conjecture!

I checked my account and everything was okay. I made some changes like deleted my CC, then logged out. Logged back in and everything was still fine, but when I tried to logged out it wouldn't let me. So I exited out of the internet and deleted all cookies. That did it.

So, hopefully everything will be okay and hopefully nobody got hurt during this problem. Its plenty spooky.

Hmm, I thought everything was fixed (it's already 4:30PM PST), but when I went to the site, I had total access to a guy named David's account. Unfortunately, I had signed onto my own account on another browser and was unable to log off until I cleared all DDD cookies.

This is a big deal in terms of a reputation hit. But I can dispute charges pretty easily with AmEx. I'm not sweating things and I'll continue to shop at DDD. I just hope they improve their IT infrastructure.

So what's the consensus? When I left at 3pm central I could still see other accounts, but tonight I can't any more. I got brave and logged into my account. I logged in and out fine.

So is this fixed? Did anyone ever hear from DDD?

Something else to remember: If someone was to get into your account, change your email, get your password emailed to them, then change your email back without you knowing, they would have your email/password combo...even after the site is corrected.

Hi, I've been experiencing this problem all day, it's
9:15 EST and still can't log into my account. I managed to log in once this morning, thought the problem was fixed and haven't been able to log in again. I've been trying for the past half hour and kept getting other accounts, should I continue trying to log in or wait until the problem is solved? I've been using AOL if that helps.
I hope the problem does get fixed soon, as I would still like to continue shopping with them, as their prices and shipping service are very good.

I forgot to mention, I did call them this afternoon, they said they were aware of the problem and have gotten numerous calls and they have been working to fix the site.

zintar007, delete any DDD cookies and try again. This helped me log in, check things, and log out without seeing other people's stuff.

I just checked their site again - 9:30 EST and it logged me directly into Stephen's account... It's hard to believe that they won't just take their site off-line until they figure out how to fix their issues.

Yeah, at this point, this has passed into the stage of being utterly ridiculous. Early this morning and now tonight I've been getting a variety of "Hello, Soandsos!"

Clearly people from this board have gotten in contact with DDD, so they are aware of the issue. I would think such a serious case of more than likely a shitty security system allowing people to defraud their customers would catch their attention. Leaving the site up is just absurd.

I logged on around midnight to place an order unaware of this issue and then later when it was mentioned on DVDtalk around 5am... I couldn't change the credit card info at that time and gave up. Thankfully no one screwed around on my account today, but not for a lack of DDD allowing them access to.

I have to say, I think I'm done with them for the time being. This security hole is unacceptable this day and time for even ten minutes... But twenty four hours, and it's still ongoing? I'll pay a couple bucks more and use a site that cares about security and customer protection.

This is very disappointing...

Wow. I've wanted to give them the benefit of the doubt on this, but if they're knowingly leaving the site up while the problem is still occurring, that's inexcusable.

They have a history of communicating pretty openly with this forum. It'll be interesting to hear their explanation, and how they attempt damage control. This could have huge implications for their business.

That's just it. And the fact that the site stayed up almost all day while problems continued, and DDD ABSOLUTELY KNEW THIS, bothers me tremendously. Why is that site up while problems continue? It borders on criminal. And I'm not exaggerating.

Damn it, this just happened to me. I tried to change my info to bill me later and when i did it said my password didn't match. could that be it? everything else seemed fine although i couldn't log out until a couple of tries.

Angel

As it stands (10:27 EST), I logged into DDD under my username.

The title in the corner read "Welcome Matthew." I checked out each link at the top of the page (Home, Help, etc.) and everything worked fine.

My info was still there, and upon cursory glance, nothing was changed.

My order status showed nothing new had been ordered, nor anything added to my shopping cart.

I clicked "log out" and it logged me right out. (I use Opera, FYI.)

So, for me, everything seems to be in order.

As it stands (10:27 EST), I logged into DDD under my username.

The title in the corner read "Welcome Matthew." I checked out each link at the top of the page (Home, Help, etc.) and everything worked fine.

My info was still there, and upon cursory glance, nothing was changed.

My order status showed nothing new had been ordered, nor anything added to my shopping cart.

I clicked "log out" and it logged me right out. (I use Opera, FYI.)

So, for me, everything seems to be in order.

When I went to the site earlier tonight, I was welcomed as "Compromised by DDD." I viewed "account info" and saw the information for Frank Cantone. He had checked Bill Me Later, so I only saw his personal info and orders, no CC #.

This was not my info, but his last name is very close to mine. Coincidence?

I logged out and closed the window. When I reopened it now, about 2 hours later, I see the same "Welcome Compromised by DDD," but the account info for James J McMahon. Maybe they did get hacked?

I have not logged into DDD.com for a few days now. Should I log in and delete my credit card info before logging back out ??????? Or should I just not log in at all and leave everything in my account as is ?

thanks

i was charged with an order of 600$. i canceled my credit card.

Since it doesn't seem to be certain that logging in opens up your account, it might be prudent to log in, delete your automatic credit card billing (if you use it) and any other info you want confidential, check your orders for fraud, and log out. I also changed my password, so that later when things are resolved I can put it back to my preference if I wish and know that it hasn't been compromised in the meantime.

Did you note the "ship to" for sending to the authorities? Of course in a screwed up situation like this someone could claim they thought they were looking at their own account I suppose.

Also, if I recall, sometimes DDD orders don't show up in the "order status" section until a business day after the order, meaning perhaps you won't see fraudulent orders until Monday.

I have been using AOL as my Internet Explorer is down, and I dont have any cookies in my Windows folders. I tried logging in a few minutes ago and still kept getting other people's accounts.

they shipped the fucking thing to my self. What a ***.

here's what is happening for me with my compuserve software:

I visit the site and I get someone elses "welcome" messege. if I click on the account info to try to edit it for them and to get their email to let them know I get an error messege.

by the way, the names I'm getting are Andrew and Maxwell.