Knife Center Personal Data Leaks

Discuss Spyderco's products and history.
User avatar
BeggarSo
Member
Posts: 234
Joined: Sun Sep 12, 2021 6:50 pm

Knife Center Personal Data Leaks

#1

Post by BeggarSo »

Those of you purchasing Spyderco Products from Knife Center as I have in the past should be aware of data leaks from this company evidently per Nord VPN security my account with them has been compromised without them informing me as a customer they have suffered a data breach.

Image

I logged in and changes my password, I typically do not permit vendors to save payment methods for later use for exactly these reasons and it has been since 2021 that I was able to purchase anything from them that was not a preorder. ( I don't do preorders)

Blade H.Q. suffered a data breach not too long ago but they did let me know and I had the Credit Card I used reissued with new numbers.

In todays environment data breaches are to be expected it is all in how the company handles it that counts. Thus far I am unimpressed with Knife Center.

I would advise if you have placed a credit card on file with them to remove it and have it reissued by your lending institution. If you have reused a password for this site elsewhere go to all possible sites probably Knife purchasing sites and change your password immediately. Please use different passwords for all sites.

Identity theft is a long, painful expensive and aggravating road to recover from, I have been in the I.T. Industry professionally for over 20 years and have witnessed first hand what people have gone through.

Message placed here not to condemn Knife Center but for the widest possible attention to help other Spyderco Collectors stay safe and secure.
:bug-red-white Those who are wise sharpen their steel to it's chemistry not their beliefs. "BeggarSo" :fortune-cookie
aicolainen
Member
Posts: 1788
Joined: Thu Jun 27, 2019 4:08 am
Location: Norway

Re: Knife Center Personal Data Leaks

#2

Post by aicolainen »

Thanks for the heads up. Can't log in atm, so they might be struggling with something.
No sensitive data stored there, and unique log in credentials, so not anticipating any consequences from this, but will change the password as soon as I'm able to log in.
mikey177
Member
Posts: 2156
Joined: Sat Aug 17, 2019 12:33 am
Location: Philippines

Re: Knife Center Personal Data Leaks

#3

Post by mikey177 »

Thank you for the warning. It is indeed good advice to have a unique password for different online retail sites.
User avatar
Manixguy@1994
Member
Posts: 12417
Joined: Fri Jun 10, 2016 12:12 pm
Location: Central Illinois
Contact:

Re: Knife Center Personal Data Leaks

#4

Post by Manixguy@1994 »

Thank you . I have different passwords for all sites and do not save my cc card anywhere .
MNOSD 0002 / Do more than is required of you . Patton
Nothing makes earth so spacious as to have friends at a distance; they make the latitudes and longitudes.
Henry David Thoreau
mikey177
Member
Posts: 2156
Joined: Sat Aug 17, 2019 12:33 am
Location: Philippines

Re: Knife Center Personal Data Leaks

#5

Post by mikey177 »

If I need to create a new password for a knife retail site, it will be $0ckDraw3r0verL0rd15v :zany
User avatar
nerdlock
Member
Posts: 1946
Joined: Sun Jul 19, 2020 3:43 am

Re: Knife Center Personal Data Leaks

#6

Post by nerdlock »

BeggarSo wrote:
Wed Jan 18, 2023 3:49 pm
....
Identity theft is a long, painful expensive and aggravating road to recover from, I have been in the I.T. Industry professionally for over 20 years and have witnessed first hand what people have gone through.
....


Image


Sorry, I just had to insert this from one of my favorite shows ever. :squinting-tongue
8Cr13MoV:N690Co:VG10:S30V:S35VN:S45VN:Elmax:SPY27:H1:LC200N:4V:MagnaCut:CTS-XHP:204P:M390:20CV:Cru-Wear:Z-Wear:M4:Rex-45:10V:K390:15V:S90V:Z-Max:Maxamet
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#7

Post by Naperville »

I am a retired system administrator and NOC analyst.

I use password managers to create complex 20+ character passwords. I also use Capital One's ENO to create temporary credit cards that expire, but unfortunately have a temp cc for a preorder.

I do not like my data being "out there" but I want the knives.

I contacted Knife Center and gave them the link to this thread.

I have been receiving spam txt messages and emails from hackers for over a decade and I have even changed phone numbers and email addresses. Without opening to read, I delete everything every day in my inbox and txt messages unless I know who it is that is contacting me, and then I look at links before opening them. I also have GMail security and Trend Micro anti virus checking every email link and txt message.

Nonetheless, according to monthly reports, Trend Micro catches 25 to 50 bad links and malware that his my system every month.

When they ask me to make up responses for the security questions, I use the password manager to create the fake 20+ character responses and I record what the response is for account recovery. I use 2 Factor Authentication for all banking sites.
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
User avatar
BeggarSo
Member
Posts: 234
Joined: Sun Sep 12, 2021 6:50 pm

Re: Knife Center Personal Data Leaks

#8

Post by BeggarSo »

nerdlock wrote:
Wed Jan 18, 2023 7:30 pm
BeggarSo wrote:
Wed Jan 18, 2023 3:49 pm
....
Identity theft is a long, painful expensive and aggravating road to recover from, I have been in the I.T. Industry professionally for over 20 years and have witnessed first hand what people have gone through.
....


Image


Sorry, I just had to insert this from one of my favorite shows ever. :squinting-tongue
Lol good one! All I can say is they better watch out my Red Swingline Stapler is missing and we all know what that could lead to>>>> and for those of you who don't https://youtu.be/ePK2Ct10Bo4?t=49
:bug-red-white Those who are wise sharpen their steel to it's chemistry not their beliefs. "BeggarSo" :fortune-cookie
jalcon
Member
Posts: 945
Joined: Wed Sep 04, 2013 8:50 am
Location: Hershey, PA

Re: Knife Center Personal Data Leaks

#9

Post by jalcon »

Naperville wrote:
Wed Jan 18, 2023 7:31 pm
I am a retired system administrator and NOC analyst.

I use password managers to create complex 20+ character passwords. I also use Capital One's ENO to create temporary credit cards that expire, but unfortunately have a temp cc for a preorder.

I do not like my data being "out there" but I want the knives.

I contacted Knife Center and gave them the link to this thread.

I have been receiving spam txt messages and emails from hackers for over a decade and I have even changed phone numbers and email addresses. Without opening to read, I delete everything every day in my inbox and txt messages unless I know who it is that is contacting me, and then I look at links before opening them. I also have GMail security and Trend Micro anti virus checking every email link and txt message.

Nonetheless, according to monthly reports, Trend Micro catches 25 to 50 bad links and malware that his my system every month.

When they ask me to make up responses for the security questions, I use the password manager to create the fake 20+ character responses and I record what the response is for account recovery. I use 2 Factor Authentication for all banking sites.
Image
User avatar
RustyIron
Member
Posts: 2376
Joined: Mon Mar 18, 2019 9:01 pm
Location: La Habra, CA
Contact:

Re: Knife Center Personal Data Leaks

#10

Post by RustyIron »

Naperville wrote:
Wed Jan 18, 2023 7:31 pm
When they ask me to make up responses for the security questions, I use the password manager to create the fake 20+ character responses and I record what the response is for account recovery.
Dude, you're the only other crackpot I've ever met who does that. Recently I made a phone call to one of my financial institutions, and the person on the other end had to ask me all the security questions.

Customer Service: Can you give me your mother's maiden name?

Me: Do we have to do this?

CS: Yes, I need to confirm your identity.

Me: Fine. Listen carefully. I'll speak slowly. I(svhB2cwykjm*2kfd8K3c2MeQpur

CS: Very good. Now can you please tell me the name of your best friend in high school.

Me: Sure. R@R8emoEQMQ.udg*q.XrfgF

CS: Thank you. Now can you tell me the make and model of your first car?

Me: Yes I can. It's similar to the other answers. Are you sure you want to keep doing this?

CS: Nah, I'm pretty sure it's you. How can I help you today?

Now that we're well into the 21st century, there's really no excuse for sloppy password handling... or silly security questions that any hacker with a lick of sense can figure out.
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#11

Post by Naperville »

I'm impossible to break and relentless about security.

That is what working as a system administrator and NOC analyst in Silicon Valley does to you. From 2000 to almost 2003 I worked for a biotech conducting genomics research and caught a Chinese Green Card Holder, the Director of Bioinformatics, stealing data. Actually, he stole pretty much everything and there were not very good controls at the company.

The VP and Dir of Operations would allow him to "look" at the lab notebooks so he knew precisely what he was looking at. And he had me backing up the genomics data off of robots and handing him the CDs.

I came in one evening on a Saturday night very late and saw him at his desk and wondered what he was doing so I had our IT hub in Huston, TX where our Frame Relay terminated set up a wiretap. They caught him immediately. He was sending the data to China. He was terminated, and 6 months later went to the VP of the business unit's home in Mountain View, California and shot and killed her.

So there you go.
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#12

Post by Naperville »

RustyIron wrote:
Thu Jan 19, 2023 12:34 am
Naperville wrote:
Wed Jan 18, 2023 7:31 pm
When they ask me to make up responses for the security questions, I use the password manager to create the fake 20+ character responses and I record what the response is for account recovery.
Dude, you're the only other crackpot I've ever met who does that. Recently I made a phone call to one of my financial institutions, and the person on the other end had to ask me all the security questions.

Customer Service: Can you give me your mother's maiden name?

Me: Do we have to do this?

CS: Yes, I need to confirm your identity.

Me: Fine. Listen carefully. I'll speak slowly. I(svhB2cwykjm*2kfd8K3c2MeQpur

CS: Very good. Now can you please tell me the name of your best friend in high school.

Me: Sure. R@R8emoEQMQ.udg*q.XrfgF

CS: Thank you. Now can you tell me the make and model of your first car?

Me: Yes I can. It's similar to the other answers. Are you sure you want to keep doing this?

CS: Nah, I'm pretty sure it's you. How can I help you today?

Now that we're well into the 21st century, there's really no excuse for sloppy password handling... or silly security questions that any hacker with a lick of sense can figure out.
[+1]

Very good. If we get hacked, at least we did everything possible to prevent it.
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#13

Post by Naperville »

jalcon wrote:
Wed Jan 18, 2023 9:25 pm
Image

:winking-tongue
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
JRinFL
Member
Posts: 6145
Joined: Wed Nov 18, 2015 10:30 am
Location: Unfashionable West End of the Galaxy (SE USA)

Re: Knife Center Personal Data Leaks

#14

Post by JRinFL »

OP, thanks for posting this. I did not get any notice either, not did my monitoring service give me a heads up.

Probably should mention that LastPass password manager service was also hacked recently and they lost the backup of all customer data. Lots of people will be crying soon if they failed to change all of their passwords & move to another service.

The random long generated passwords for those security questions is overkill and unnecessary. Just putting random words is enough and much easier to use if needed. Just make sure they are not tied to your real information. Besides, like the LastPass hack above, proper hacking is not guessing passwords and security questions, its getting the entire database which includes all your answers and other data. Most of that is not likely to be encrypted, unfortunately. Most of these companies are about making money and not about keeping your data safe.
"...it costs nothing to be polite." - Winston Churchill
“Maybe the cheese in the mousetrap is an artificially created cheaper price?” -Sal
Friends call me Jim. As do my foes.
M.N.O.S.D. 0001
User avatar
p_atrick
Member
Posts: 1536
Joined: Fri Jun 16, 2017 5:35 pm
Location: Boston Area

Re: Knife Center Personal Data Leaks

#15

Post by p_atrick »

Naperville wrote:
Wed Jan 18, 2023 7:31 pm
I use 2 Factor Authentication for all banking sites.
Naperville, I'm sure you know this, but if you have the option of 2 Factor Authentication (2FA) by an app or via SMS/email always go with the app (something like Google Authenticator). This is way more secure than SMS or email. Security and convenience don't always mix. Often times, the more "annoying" solution is more secure.
User avatar
Bolster
Member
Posts: 5573
Joined: Sat Mar 03, 2007 1:27 pm
Location: CalyFRNia

Re: Knife Center Personal Data Leaks

#16

Post by Bolster »

Naperville wrote:
Thu Jan 19, 2023 4:09 am
I'm impossible to break and relentless about security.

That is what working as a system administrator and NOC analyst in Silicon Valley does to you. From 2000 to almost 2003 I worked for a biotech conducting genomics research and caught a Chinese Green Card Holder, the Director of Bioinformatics, stealing data. Actually, he stole pretty much everything and there were not very good controls at the company.

The VP and Dir of Operations would allow him to "look" at the lab notebooks so he knew precisely what he was looking at. And he had me backing up the genomics data off of robots and handing him the CDs.

I came in one evening on a Saturday night very late and saw him at his desk and wondered what he was doing so I had our IT hub in Huston, TX where our Frame Relay terminated set up a wiretap. They caught him immediately. He was sending the data to China. He was terminated, and 6 months later went to the VP of the business unit's home in Mountain View, California and shot and killed her.

So there you go.

What a story!!!
Steel novice who self-identifies as a steel expert. Proud M.N.O.S.D. member 0003. Spydie Steels: 4V, 15V, 20CV, AEB-L, AUS6, Cru-Wear, HAP40, K294, K390, M4, Magnacut, S110V, S30V, S35VN, S45VN, SPY27, SRS13, T15, VG10, XHP, ZWear, ZDP189
User avatar
Evil D
Member
Posts: 27147
Joined: Sat Jun 26, 2010 9:48 pm
Location: Northern KY

Re: Knife Center Personal Data Leaks

#17

Post by Evil D »

Well...in potentially related news some POS got my debit card info and signed up for GrubHub and just bought $53 worth of McDonald's using my card. Can't really say it's KnifeCenter's fault because it's impossible to pin down how these people get your info but it sure sucks.
All SE all the time since 2017
~David
Pokey
Member
Posts: 1209
Joined: Fri May 08, 2020 1:11 pm
Location: Thornton, Colorado

Re: Knife Center Personal Data Leaks

#18

Post by Pokey »

Does anyone keep their credit card locked? It can be a pain in the butt to have to unlock it when you want to use it, but I'll get text messages right away when the card is locked and a charge is attempted; it tells me it was denied. So far the only denials I've received are the times I've tested the system. That would be a clue right off the bat that someone has your account number.

By locking the card you don't have to check your account, or wait for the bank to send you a statement every month to see any suspicious activity, the text messages work in real-time. With the card locked the account is essentially dead.
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#19

Post by Naperville »

p_atrick wrote:
Thu Jan 19, 2023 9:18 am
Naperville wrote:
Wed Jan 18, 2023 7:31 pm
I use 2 Factor Authentication for all banking sites.
Naperville, I'm sure you know this, but if you have the option of 2 Factor Authentication (2FA) by an app or via SMS/email always go with the app (something like Google Authenticator). This is way more secure than SMS or email. Security and convenience don't always mix. Often times, the more "annoying" solution is more secure.
If they offer the Google Authenticator I use it. Many use email or txt message for a code, and I have no options.
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
User avatar
Naperville
Member
Posts: 4360
Joined: Sun Feb 04, 2018 2:58 am
Location: Illinois, USA

Re: Knife Center Personal Data Leaks

#20

Post by Naperville »

Bolster wrote:
Thu Jan 19, 2023 9:24 am
Naperville wrote:
Thu Jan 19, 2023 4:09 am
I'm impossible to break and relentless about security.

That is what working as a system administrator and NOC analyst in Silicon Valley does to you. From 2000 to almost 2003 I worked for a biotech conducting genomics research and caught a Chinese Green Card Holder, the Director of Bioinformatics, stealing data. Actually, he stole pretty much everything and there were not very good controls at the company.

The VP and Dir of Operations would allow him to "look" at the lab notebooks so he knew precisely what he was looking at. And he had me backing up the genomics data off of robots and handing him the CDs.

I came in one evening on a Saturday night very late and saw him at his desk and wondered what he was doing so I had our IT hub in Huston, TX where our Frame Relay terminated set up a wiretap. They caught him immediately. He was sending the data to China. He was terminated, and 6 months later went to the VP of the business unit's home in Mountain View, California and shot and killed her.

So there you go.

What a story!!!
That's only half the story if you can believe it.

The co business unit in Silicon Valley owes me $35,000 for completed work, milestone bonuses, raises, catching the theft, etc., and they never paid. I complained 2x on Yahoo Financials under their symbol when they were on NASDAQ and the FBI called me in for an interview where for 1hr they tossed me around, screamed at me, told me to not air dirty laundry on Yahoo Financials and to take them to court, as well as they were going to jail me for 90+ days and that I DID NOT HAVE A BILL OF RIGHTS!

I was B.R.O.K.E., living in a van, lost my bride to be(had to call off marriage), and so after all of that I went off to live in my van and study escrima/arnis to learn how to use a knife to defend myself for a year and studied 7 days a week 3 different Filipino knife arts. To this day I prep, and study escrima/arnis/kali by tape/video or in person when I physically can do the training. 2020 and 2021 were bad years for me physically, but so far 2023 looks good to go!

What I learned was that the FBI protects govt and corporate/capitalist interests, not US Citizens.
I support the 2nd Amendment Organizations of GOA, NRA, FPC, SAF, and "Knife Rights"
T2T: https://tunnel2towers.org; Special Operations Wounded Warriors: https://sowwcharity.com/
Post Reply