Our Halloween Writing Contest is coming up soon. Start Writing! [ Dismiss ]
Home » Forum » Author Hangout

Forum: Author Hangout

Bottom Flat View

Bowker is Broken!

Vincent Berg 🚫

The only site offering ISBNs for Americans has gone offline, reporting they were hacked with malware which was actively monitoring sales on the site (yet they've never reported this threat to any of their users.

Now, rather than addressing the problem and issuing warnings, they're now suggesting you either go through a more-expensive 3rd party, or you print out their order form a fax it to them for processing!

This is what comes when you grant a guaranteed governmental monopoly to a single company. With no competition, and no reason to retain or build their base, they simply don't give a fuckin' shit what happens to them!

So, if you've ever used Bowker at any point, make sure you change your log in to any site you used those log-in with, and cancel any credit cards you used to make purchases from them!

Crossing my fingers and hoping this finally proves the death knell for the company, so the government can finally turn over the lucrative monopoly to someone (anyone) else!

Replies:   Michael Loucks
     
Michael Loucks 🚫
Updated:

@Vincent Berg

So, if you've ever used Bowker at any point, make sure you change your log in to any site you used those log-in with, and cancel any credit cards you used to make purchases from them!

Password reuse is the bane of every person responsible for IT security. Get a password manager, have it generate 15+ character gibberish passwords, randomly, for each site, and have that vault protected with a strong passphrase which you use nowhere else and which is known to nobody but yourself and a trusted person who could use it in the case of your disability or demise.

I uses RememBear, but 1Password, and LastPass are very good as well.

Replies:   Vincent Berg
      
Vincent Berg 🚫

@Michael Loucks

Password reuse is the bane of every person responsible for IT security. Get a password manager, have it generate 15+ character gibberish passwords, randomly, for each site, and have that vault protected with a strong passphrase which you use nowhere else and which is known to nobody but yourself and a trusted person who could use it in the case of your disability or demise.

The problem isn't the passwords, it's that the hackers had access to each payment as it was made, meaning they have names, full addresses, credit cards (the only payments that Bowker accepts) and the CC# and 'good till' date from your credit cards. Thus someone could have been either draining little bits over long time, or drain entire credit cards. Yet Bowker, not wanting bad publicity, never felt it worth their while warning anyone about their security FU and their security breech!

Replies:   Michael Loucks
     
Michael Loucks 🚫

@Vincent Berg

The problem isn't the passwords, it's that the hackers had access to each payment as it was made, meaning they have names, full addresses, credit cards (the only payments that Bowker accepts) and the CC# and 'good till' date from your credit cards. Thus someone could have been either draining little bits over long time, or drain entire credit cards. Yet Bowker, not wanting bad publicity, never felt it worth their while warning anyone about their security FU and their security breech!

Sure, but I was addressing the specific point you made about changing your password at a site where you used the same credentials.

The solution to preventing intercepted payments is one-time credit card numbers (some CCs do this for you, and ApplePay does it as well).

And white hot death to sites who know they have breaches and do not disclose them.

      
Reply to topic

Back to Top

Close
 

WARNING! ADULT CONTENT...

Storiesonline is for adult entertainment only. By accessing this site you declare that you are of legal age and that you agree with our Terms of Service and Privacy Policy.