qwakuk
Member of DD Central
Posts: 236
Likes: 87
|
Post by qwakuk on Jan 13, 2023 9:58:22 GMT
Received this email supposedly from Elfin Market and a few minutes later the same message forwarded on again Anyone else received the same ? Will be contacting EM once I find the contact email address Attachments:
|
|
|
Post by Badly Drawn Stickman on Jan 13, 2023 10:04:00 GMT
Received this email supposedly from Elfin Market and a few minutes later the same message forwarded on again Anyone else received the same ? Will be contacting EM once I find the contact email address Yes I received similar. Seemed to be a one note file that my virus protection took exception to.
|
|
liso
Member of DD Central
Posts: 387
Likes: 394
|
Post by liso on Jan 13, 2023 10:52:07 GMT
Likewise. I have emailed Elfin Market and will share their response if/when I get one.
|
|
liso
Member of DD Central
Posts: 387
Likes: 394
|
Post by liso on Jan 13, 2023 11:13:39 GMT
Prompt reply from Elfin Market...
Thanks so much for letting us know.
Our specialist team are currently investigating this.
If you haven't already, please delete the email and don't respond to it.
Please let us know if you have any questions.
|
|
|
Post by scrumper on Jan 13, 2023 16:04:40 GMT
Prompt reply from Elfin Market... Thanks so much for letting us know.
Our specialist team are currently investigating this.
If you haven't already, please delete the email and don't respond to it.
Please let us know if you have any questions.
I've just received an email from Elfin Market saying the same thing, plus "We have taken immediate steps to resolve this problem and to prevent this issue from reoccurring. At this point in time, our investigation indicates that no personal data has been compromised, but we will be in contact again should we discover otherwise." Surely investors email addresses are personal data. Password changed as a precaution.
|
|
|
Post by Badly Drawn Stickman on Jan 16, 2023 17:39:17 GMT
It seems to me they are being a bit insincere to suggest there has been no breach of personal date.
It is obvious the email came through their system somehow. The obvious conclusion being there was a system breach. Logically the email addresses have been harvested as a consequence. Effectively removing any trust in any email from Elfin that is not 'routine'.
Granted the hacking was one on a soft target but a company in 'this line of work' should be totally secure. Not a good look....
|
|
Greenwood2
Member of DD Central
Posts: 4,217
Likes: 2,669
Member is Online
|
Post by Greenwood2 on Jan 16, 2023 21:03:32 GMT
It seems to me they are being a bit insincere to suggest there has been no breach of personal date. It is obvious the email came through their system somehow. The obvious conclusion being there was a system breach. Logically the email addresses have been harvested as a consequence. Effectively removing any trust in any email from Elfin that is not 'routine'. Granted the hacking was one on a soft target but a company in 'this line of work' should be totally secure. Not a good look.... I assumed it was an internal email that inadvertently got sent to (some?) lenders as well by mistake, if so I don't see any big problem. Not sure why you think it was an external security breach that would compromise lender data, changing passwords is a sensible precaution just in case. I have seen something like this from another platform a while ago, someone pressed the wrong 'send it to' button.
|
|
|
Post by Penny Pincher on Jan 16, 2023 21:07:07 GMT
It could have been an employee mistake. Someone with legitimate access to user data who inadvertently shared a file/folder. In which case, EM would know for sure that there hasn't been an data loss.
Also, in the case of a security breach, it can't be assumed that any email addresses have been harvested. The email looks to have been sent by a cloud storage system of some kind; it's possible to use such systems without having access to other users' email addresses.
|
|
|
Post by Badly Drawn Stickman on Jan 16, 2023 21:40:55 GMT
It seems to me they are being a bit insincere to suggest there has been no breach of personal date. It is obvious the email came through their system somehow. The obvious conclusion being there was a system breach. Logically the email addresses have been harvested as a consequence. Effectively removing any trust in any email from Elfin that is not 'routine'. Granted the hacking was one on a soft target but a company in 'this line of work' should be totally secure. Not a good look.... I assumed it was an internal email that inadvertently got sent to (some?) lenders as well by mistake, if so I don't see any big problem. Not sure why you think it was an external security breach that would compromise lender data, changing passwords is a sensible precaution just in case. I have seen something like this from another platform a while ago, someone pressed the wrong 'send it to' button. I was basing my comments on email replies I have received, but I am sure your assumption is equally valid.
|
|
|
Post by birdie on Jan 17, 2023 9:22:43 GMT
I got the two e-mails from Elfin, luckily my anti virus wouldn't let me open them, Elfin did get in touch to say not to open them , do not click on any links and to delete them from my system, which I have.
|
|