I think the US Tool & Fastener site has been hacked

smorgasbord

If you've ordered from US Tool & Fastener, and you have recently gotten a phishing email or two with your name in the subject and with a PDF attachment that has your name in the filename, let me know.

I own my own domain. Call it MyDomain.com for our purposes here, but it's something else. I use it mostly for infinite email addresses. That is, I can register with an email address I literally make up within that domain and have them all forwarded to my actual email provider. This is good for filtering/sorting, but it's also proven good when sites I register with get hacked.

When I order from Woodpeckers, I sign up with "Woodpeckers@MyDomain.com" and when I order from US Tool and Fastener, I sign up with "USToolAndFastener@MyDomain.com." Heck, my email here is a variant of FOG@MyDomain.com. I get all those emails, but can sort based on "To", and I can send any one of them to the NULL bin without affecting everything else I do.

So, I've gotten now 3 emails sent to "USToolAndFastener@MyDomain.com" that are not from that site, but the emails contain my name, shipping address, and phone number. They're trying to extort money from me claiming they've hacked my system, but they haven't, they're just using the information they stole from USTool & Fastener's site - and I know this because the email they're sending this to is my specific email that I've used only at that site.

I've sent an email to US Tool & Fastener a few days ago, but haven't heard anything back. I don't know if they don't believe me, or think I'm trying to hack them, or just don't know how to respond. So, I thought I'd post here in case the hackers didn't steal just my information, but others who have ordered from US Tool & Fastener before. If you have just one email address, there's no way you would know where they got that info from, but my use of a unique email address nails that down with very high certainty.
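
The attribution described in the post above (an address given to exactly one vendor showing up in mail from someone else), as an added example that is not part of the original post. The registry, the `woodpeckers.example` domain and the sample messages are constructed, and the DMARC test is a simplified substring check of the `Authentication-Results` header, assumed to be stamped by your own mail provider.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

MY_DOMAIN = "mydomain.com"  # the post's stand-in for the catch-all domain
# Assumed registry: alias local part -> sender domains expected for that vendor.
REGISTRY = {
    "ustoolandfastener": {"ustoolandfastener.com"},
    "woodpeckers": {"woodpeckers.example"},  # placeholder domain
}

def classify(raw, registry=REGISTRY, my_domain=MY_DOMAIN):
    """Return (sender_domain, {alias: verdict}) for aliases on my_domain."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # From is forgeable: trust it only when the receiving provider recorded a
    # DMARC pass (simplified substring check of Authentication-Results).
    authed = any("dmarc=pass" in h.lower() for h in msg.get_all("Authentication-Results", []))
    rcpts = [h for n in ("Delivered-To", "To", "Cc") for h in msg.get_all(n, [])]
    verdicts = {}
    for _, addr in getaddresses(rcpts):
        local, _, domain = addr.lower().rpartition("@")
        if domain != my_domain:
            continue
        expected = registry.get(local)
        if expected is None:
            verdicts[local] = "unregistered-alias"
        elif authed and any(sender == d or sender.endswith("." + d) for d in expected):
            verdicts[local] = "expected-sender"
        else:  # an address given to one vendor only is being used by someone else
            verdicts[local] = "alias-leaked"
    return sender, verdicts

def leaked_aliases(messages):
    """Map each leaked alias to the unexpected sender domains that used it."""
    out = {}
    for raw in messages:
        sender, verdicts = classify(raw)
        for alias, verdict in verdicts.items():
            if verdict == "alias-leaked":
                out.setdefault(alias, set()).add(sender)
    return out

# Constructed sample messages (not real mail).
LEGIT = ("From: Orders <orders@ustoolandfastener.com>\n"
         "To: USToolAndFastener@MyDomain.com\n"
         "Authentication-Results: mx.example; dmarc=pass\n\nOrder shipped.\n")
EXTORTION = ("From: x <sender@bulk-mailer.example>\n"
             "To: USToolAndFastener@MyDomain.com\n"
             "Subject: Jane Doe\n\nSee the attached PDF.\n")
```

A message that claims the vendor's domain in `From` but carries no DMARC pass is also reported as `alias-leaked`, since the header alone proves nothing about who sent it.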
 
I've ordered several times from US Tool, though not lately.
I've not received any US Tool related spam that I know of.
But Google does a great job of filtering spam so...
 
Great tip on using your domain and email, worth the price of admission. Thanks.

RMW
 
That's definitely a great way to keep a handle on things.
I have ordered from them, but it has been at least 2 years.
Thanks for the warning.
 
Michael Kellough said:
I've ordered several times from US Tool, though not lately.
I've not received any US Tool related spam that I know of.
But Google does a great job of filtering spam so...

Yeah, I'm on Tuta (similar to ProtonMail) so they're behind on the filtering. I reported two emails and then found a third in my spam folder. If I get tired, I'll just forward USToolAndFastener@MyDomain.com email to NULL automatically.

Has anyone else gotten these phishing attempts with the PDF that's your name? It includes a screen grab from Google Maps just to scare you that they drove by, which they haven't.
 
Funny, I do the same thing with my emails lol!

The only address I've ever had that wiggled its way into the wild webernet west was Adobe. And boy howdy do I get some interesting emails from that address. I initially thought they just had zero standards for selling their customers' addresses.... but later found out they had in fact gotten hacked.
 
I googled “US Tool & Fastener, Hacked?” and “Angel-guard products, Hacked”. Usually, that will bring up hacking mentions in other sites. I saw none. This might be too new to show up.

Angel-Guard Products is the parent company.  They list a toll-free phone number and contact information.  You would think that they would be interested in this information.

As an aside, a friend of mine, back in the 1970s, used a different middle name for each of his magazine subscriptions. That way he could tell which of the magazines was selling his name and address. This was back in the era of snail mail. I don’t know what he did with that knowledge, but he was very diligent about it.
 
I received an email response from US Tool & Fastener just now, which says in part:

First off, thank you for alerting us to the emails you were receiving. We take security very seriously at US Tool and Fastener. We are conducting a thorough investigation into a potential breach of our systems. Because of your email, we were able to quickly move into our containment and mitigation protocols for all of our systems as a precaution.

If you haven’t already, we’d recommend changing your password for your login to USToolandFastener.com. We will provide further updates as soon as we have more information to share.
 
If you ever think one of your email addresses has been compromised, you can do a search on one of the published breach aggregator sites like https://haveibeenpwned.com/. It will tell you the full details of the breach and when it occurred, and how many were affected and by what extent.

Very useful site.
 
smorgasbord said:
I received an email response from US Tool & Fastener just now, which says in part:

First off, thank you for alerting us to the emails you were receiving. We take security very seriously at US Tool and Fastener. We are conducting a thorough investigation into a potential breach of our systems. Because of your email, we were able to quickly move into our containment and mitigation protocols for all of our systems as a precaution.

If you haven’t already, we’d recommend changing your password for your login to USToolandFastener.com. We will provide further updates as soon as we have more information to share.

I do wonder what the containment and mitigation protocols are.  I thought when this sort of thing occurs, you hire an outside consultant (IT specialist) to address the issues.  (Unless you are a huge corporation and have those people on the staff.)
 
luvmytoolz said:
...https://haveibeenpwned.com/. It will tell you the full details of the breach and when it occurred, and how many were affected and by what extent.

Very useful site.

Yeah, thanks for the reminder. I found this:

Eye4Fraud: In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.

Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses

So, not surprising that a fraud protection service was itself hacked.
 
Packard said:
I do wonder what the containment and mitigation protocols are.  I thought when this sort of thing occurs, you hire an outside consultant (IT specialist) to address the issues.  (Unless you are a huge corporation and have those people on the staff.)

Sort of depends on the country and the type of breach; financial breaches must adhere to fairly strict criteria for reporting and remediation generally, but I have noticed for run-of-the-mill data breaches that the reporting and enforcement is getting more and more lax. Some stupendously large breaches of late are being reported long after it was known, and with very little fanfare, despite potentially affecting hundreds of millions of user accounts. It's definitely becoming more complacent.
 
They got back to me. Ironically, they used Eye4Fraud to help secure their systems, so the Eye4Fraud hack affected them.

US Tool & Fastener were great about all this, btw.
 