twoheads
Member of DD Central
Programming
Posts: 1,089 
Likes: 1,192
|
Post by twoheads on May 9, 2017 8:28:02 GMT
I wonder if this is potentially what triggered the recent name change from Saving Stream to Lendy? ... Possibly time for your blog page to do the same.
Nice blog which I haven't seen before. Plenty of useful information on P2P security, well presented.
|
|
will
Member of DD Central
Posts: 98
Likes: 57
|
Post by will on May 9, 2017 8:59:42 GMT
I can confirm that we store hashes of passwords and not the passwords themselves, not even in an encrypted form. Thanks for confirming. At least accounts should be safe. I know my details are already all over the internet from security breaches elsewhere - I think that's just a fact of life now for anyone with an online presence. Has anyone else used this? matchlight.terbiumlabs.com/It's interesting to see what personal data of yours is floating around the Internet.
|
|
ilmoro
Member of DD Central
'Wondering which of the bu***rs to blame, and watching for pigs on the wing.' - Pink Floyd
Posts: 11,329
Likes: 11,549
|
Post by ilmoro on May 9, 2017 9:07:09 GMT
Which, in itself, confirms they really don't have any kind of relationship there. I wonder if this is potentially what triggered the recent name change from Saving Stream to Lendy? ....Saving Stream became aware of a data breach, and instead of being open/public about it and notifying lenders that their details had potentially been compromised, they simply changed their name instead, to try to distance themselves/avoid embarrassment when it became public? As fasty quite rightly said; "Imagine you picked a member of the population at random.. the chances of them being a Lendy investor are minuscule. It seems just too unlikely" Think you`ll find that was prompted by the FCA as the term saving isnt suitable for the P2P product or risk level as it is synonomous with mainstream FSCS protected accounts. Sorry but almost certainly no indication of a cover up in the rebrand
|
|
vmail
Open image in a new tab.
Posts: 457
Likes: 217
|
Post by vmail on May 9, 2017 9:14:50 GMT
My account appears to be hacked. The loan parts on the SM are not selling quickly enough.
|
|
elliotn
Member of DD Central
Posts: 3,064
Likes: 2,681
|
Post by elliotn on May 9, 2017 9:28:19 GMT
Which, in itself, confirms they really don't have any kind of relationship there. I wonder if this is potentially what triggered the recent name change from Saving Stream to Lendy? ....Saving Stream became aware of a data breach, and instead of being open/public about it and notifying lenders that their details had potentially been compromised, they simply changed their name instead, to try to distance themselves/avoid embarrassment when it became public? As fasty quite rightly said; "Imagine you picked a member of the population at random.. the chances of them being a Lendy investor are minuscule. It seems just too unlikely" AFAI was informed it was innovative integration of the borrower and lender sides of the business to reinforce brand recognition and streamline online presence after onboarding a marketing and communications expert. Edit - crossed with the correct answer by ilmoro and they seemingly took the simplest choice.
|
|
ramblin rose
Member of DD Central
“Some people grumble that roses have thorns; I am grateful that thorns have roses.” — Alphonse Karr
Posts: 1,370
Likes: 857
|
Post by ramblin rose on May 9, 2017 9:38:14 GMT
Hi, advice with any calls like this is to ignore and hang up immediately. Do though please let me know if you or anyone else get a call, as it will help us get to the bottom of it. I can confirm that we store hashes of passwords and not the passwords themselves, not even in an encrypted form. I have very suddenly been getting a few 'investment opportunity' texts and phone calls over the past week or so. I simply refuse to engage in conversation with them and immediately bin the texts so don't get as far as asking where they got my details from. I generally take the view that I'll never know, but this has me now wondering about the coincidence.
|
|
|
|
Post by endure on May 9, 2017 10:04:04 GMT
I'd be surprised if they said where they actually got your info from, but I'd be even more surprised if they use SS as their default response to that question. To me, it sounds like SS have leaked data. The caller said within 10 seconds of the start of the call that he'd had my details from SS. I didn't ask him - he mentioned it first.
|
|
|
|
Post by endure on May 9, 2017 10:07:16 GMT
They didn't say Lendy they said Saving Stream. Which, in itself, confirms they really don't have any kind of relationship there. About 20 minutes. I've never received a call like this before so I just let him burble on. When he asked how much I had to invest I told him I'd wait for the email. He asked the same question 4 times and got the same answer. He rang off promising to send the email straight away. It hasn't arrived yet... He did know my email address as he confirmed it while he was on the phone.
|
|
ilmoro
Member of DD Central
'Wondering which of the bu***rs to blame, and watching for pigs on the wing.' - Pink Floyd
Posts: 11,329
Likes: 11,549
|
Post by ilmoro on May 9, 2017 10:50:10 GMT
I'd be surprised if they said where they actually got your info from, but I'd be even more surprised if they use SS as their default response to that question. To me, it sounds like SS have leaked data. The caller said within 10 seconds of the start of the call that he'd had my details from SS. I didn't ask him - he mentioned it first. I assume you havent signed up to view the prospectus of the Savingstream Bond which is the only Lendy group entity still using the old moniker? Thats the kind of thing I would expect to generate this sort of 'investment' opportunity lead.
|
|
|
|
Post by endure on May 9, 2017 12:11:56 GMT
The caller said within 10 seconds of the start of the call that he'd had my details from SS. I didn't ask him - he mentioned it first. I assume you havent signed up to view the prospectus of the Savingstream Bond which is the only Lendy group entity still using the old moniker? Thats the kind of thing I would expect to generate this sort of 'investment' opportunity lead. No I've not had anything to do with it.
|
|
|
|
Post by endure on May 9, 2017 15:35:25 GMT
Further news.
I've just had another call from the same man.
He said he was calling from 'Project 12'.
He called me by my name when I picked the phone up.
He said he'd rung me several months ago and was calling to see if I'd thought any more about his investment.
He mentioned SS again.
I pointed out to him that he'd called me yesterday and he'd promised me an email.
He attempted to confirm my email address. The first part (my first name) was correct but the rest of it belonged to someone else.
I put the phone down.
Yesterday 1471 told me the caller had withheld the number.
Today 1471 told me he was calling from 0208 123 2972
|
|
p2pmark
Member of DD Central
Posts: 218
Likes: 187
|
Post by p2pmark on May 9, 2017 15:46:23 GMT
A quick Google search of that phone number (making sure the spaces are in the right place) reveals them to be a travel marketing company in Battersea. Not sure if I'm allowed to name them?
|
|
|
|
Post by solicitorious on May 9, 2017 15:50:03 GMT
A quick Google search of that phone number (making sure the spaces are in the right place) reveals them to be a travel marketing company in Battersea. Not sure if I'm allowed to name them? dissolved in 2015, formerly run by South African directors.
|
|
am
Posts: 1,495
Likes: 601
|
Post by am on May 9, 2017 16:04:28 GMT
If he has the wrong email address that more or less eliminates a leak of data from Lendy (and also the alternative hypothesis that you accidentally registered at a phishing site masquerading as Saving Stream).
Names and telephone numbers are fairly widely available, and guessing that the first part of the email address is your first name is going to be correct quite often. The question is how did they guess your connection to SavingStream (a lucky guess seems unlikely, but is possible).
Tracking cookies can be used to interrogate in part your browser history. They shouldn't be a problem with Lendy, 'cos there shouldn't be any embedded 3rd party stuff around on the web site. It could be a problem with P2P blogs and forums monetarised through advertising. Someone could have identified you as interested in P2P, in which case the odds of a hit when picking a popular platform have got much higher. But it is not immediately obvious how your identity could be tied to your computer, unless you are using a computer on a domain that you own, in which case you could be looked up in whois.
The worst case is that your computer's been hacked, but in that case I'd expect worse results than an attempt to sell you a fraudulent investment.
|
|
ablender
Member of DD Central
Posts: 2,204
Likes: 555
|
Post by ablender on May 9, 2017 16:35:42 GMT
|
|
