I was informed last night (by
I discovered that my name, address and CC info was among the information stolen, but managed to track down the info, and found that it was over 4 years out of date (thank the gods) — an address where I no longer live, and a debit card that I no longer have, long expired, from a bank that no longer exists. I got lucky.
Apparently, a Brazilian hacker grabbed a file which contained the information of all those who had chosen the “save this data” option during checkout…..although I cannot recall ever doing that myself, but my info was still there.
If you’re concerned, I would recommend that you contact James Mathe at webmaster@rpgshop.com, and give him your name. He’ll tell you if you were on the list, and give you the last 4 digits of the card and the expiration date. That way, you can decide whether you need to take action of your own. Supposedly, they’ve been emailing everyone affected, but there have been reports of people who haven’t yet been contacted (I know that I didn’t get an email until I prompted James about it, so take that as you will).
This is going to seriously fuck with my business.
I’ve already fielded dozens of emails from customers who have told me that they’re not going to purchase from RPGNow/DTRPG again (despite the fact that DTRPG’s servers weren’t affected), and, given that I just signed a contract as an exclusive vendor, that’s a problem.
The fact that OneBookShelf (the new company formed in the merger) hasn’t gotten out ahead of this with a public statement and someone dedicated to Q&A is also pissing me off, as every hour that passes further increases the likelihood that sales in the PDF business are going to be crippled by the chilling effect of lost customer confidence.