Author:  CE_Tanja  Posted:  Dec 17, 2022 13:56  Subject:  Article about a BrickLink data breach  Viewed:  843 times  Topic:  Administrative Cancel Reply

BrickLink ID Card CE_Tanja Location:  USA, California Member Since Contact Type Status Feb 17, 2021 Admin BrickLink Administrator

Dear BrickLink members, A report has recently surfaced of a possible data breach on our website, BrickLink.com. We can assure you, our members, that we have seen no evidence of any breach of our systems and have no reason to believe that the data you entrust us with has been compromised. A short while ago, we were approached by a third party who offered their services to fix several potential security loopholes they had identified. This third party is not one of our suppliers and we did not request them to provide any analysis or diagnosis of our systems. When we did not engage the services of this third party, they apparently released this “news” that a security breach could have happened on our site. Whereas it is true that there is always a small possibility that data could be compromised on any site, we feel this report unfairly portrays our website as unsafe. We have invested substantially in our security system and are confident in its ability to keep your data safe. In addition, we strictly follow the LEGO Group standards for GDPR compliance and other legal requirements regarding the data of our users. Thanks for you attention, and please feel free to contact the Help Desk with any questions you might have. The BrickLink Team

Message Has 6 Replies:

Re: Article about a BrickLink data breach - macebobo (2459)

[...] Yet. It is a vulnerability as stated in the article. [...] Not unsafe, just vulnerable. Does this mean you are not taking it seriously and are going to do nothing to [...] (18 months ago, Dec 17, 2022, to Administrative)

Re: Article about a BrickLink data breach - CPgolfaddict (6608)

Can you provide some assurance us by telling us the types of security scans that you are running on BrickLink? You don't need to name brands/names of specific tools. Just [...] (18 months ago, Dec 17, 2022, to Administrative)

Re: Article about a BrickLink data breach - CPgolfaddict (6608)

Upon closer read.... near the end. So this is good.... "The security researchers reported the discovered vulnerabilities to LEGO, and the company took action to fix all issues." [...] (18 months ago, Dec 17, 2022, to Administrative)

Re: Article about a BrickLink data breach - jodawill (139)

[...] That's not how this works. A security researcher isn't a "supplier." The correct response when someone privately discloses a vulnerability is to say thank you [...] (18 months ago, Dec 17, 2022, to Administrative)

Re: Article about a BrickLink data breach - Shiran (0)

Well well... Not only that is an utter lie and nobody offered you any "service to fix several potential security loopholes they had identified", but simply disclosed [...] (18 months ago, Dec 20, 2022, to Administrative)

Re: Article about a BrickLink data breach - CE_Tanja

Dear all, Thanks for your comments and curiosity around the details of this incident. On reflection, our statement could have been clearer. In this instance, a member of the [...] (18 months ago, Dec 21, 2022, to Administrative)

32 Messages in this Thread:

 Msg 1 « - CE_Tanja 18 months ago Dec 17, 2022 to Administrative
 Msg 2 - macebobo (2459) 18 months ago Dec 17, 2022 to Administrative
 Msg 3 - CE_Tanja 18 months ago Dec 17, 2022 to Administrative
 Msg 4 - macebobo (2459) 18 months ago Dec 17, 2022 to Administrative
 Msg 5 - CE_Tanja 18 months ago Dec 17, 2022 to Administrative
 Msg 6 - zorbanj (825) 18 months ago Dec 17, 2022 to Administrative
 Msg 7 - macebobo (2459) 18 months ago Dec 17, 2022 to Administrative
 Msg 8 - Nubs_Select (3818) 18 months ago Dec 17, 2022 to Administrative
 Msg 9 - 1001bricks (52463) 18 months ago Dec 18, 2022 to Administrative
 Msg 10 - Adjour (2480) 18 months ago Dec 18, 2022 to Administrative
 Msg 11 - peregrinator (781) 18 months ago Dec 17, 2022 to Administrative
 Msg 12 - macebobo (2459) 18 months ago Dec 17, 2022 to Administrative
 Msg 13 - CPgolfaddict (6608) 18 months ago Dec 17, 2022 to Administrative
 Msg 14 - SylvainLS (46) 18 months ago Dec 17, 2022 to Administrative
 Msg 15 - TheCuteGiraffe (3) 18 months ago Dec 17, 2022 to Administrative
 Msg 16 - 1001bricks (52463) 18 months ago Dec 17, 2022 to Administrative
 Msg 17 - CPgolfaddict (6608) 18 months ago Dec 17, 2022 to Administrative
 Msg 18 - 1001bricks (52463) 18 months ago Dec 17, 2022 to Administrative
 Msg 19 - jodawill (139) 18 months ago Dec 17, 2022 to Administrative
 Msg 20 - wildchicken13 (876) 18 months ago Dec 18, 2022 to Administrative
 Msg 21 - rv6abob (62) 18 months ago Dec 18, 2022 to Administrative
 Msg 22 - Shiran (0) 18 months ago Dec 20, 2022 to Administrative
 Msg 23 - macebobo (2459) 18 months ago Dec 20, 2022 to Administrative
 Msg 24 - 1001bricks (52463) 18 months ago Dec 20, 2022 to Administrative
 Msg 25 - macebobo (2459) 18 months ago Dec 20, 2022 to Administrative
 Msg 26 - 1001bricks (52463) 18 months ago Dec 20, 2022 to Administrative
 Msg 27 - StarBrick (7087) 18 months ago Dec 20, 2022 to Administrative
 Msg 28 - UTLF (1267) 18 months ago Dec 20, 2022 to Administrative
 Msg 29 - CE_Tanja 18 months ago Dec 21, 2022 to Administrative
 Msg 30 - macebobo (2459) 17 months ago Dec 24, 2022 to Administrative
 Msg 31 - Nubs_Select (3818) 17 months ago Dec 24, 2022 to Administrative
 Msg 32 - ImperialFleet (964) 17 months ago Dec 24, 2022 to Administrative