Thank you for your patience while we investigated the root cause of these email.
We have determined the cause. It has taken us longer than normal largely because system76.com was not compromised and our initial efforts were directed there. A System76 test site (genesis76.com) was compromised. Genesis76 is used to test database and miscellaneous updates before applying the updates to system76.com. Limited customer data was stored on the site for the purpose of monitoring database modification effect on customer tables. Both reside on the same server which is why email header information contained the system76.com server IP address. No transactions occur on genesis76.com and no credit card information is stored on either system76.com or genesis76.com.
Thus far we know the exploit sent an email to addresses stored on genesis76.com. We are investigating further to determine the full scope of the exploit. At this time, we do not believe any customer information was compromised.
All data on genesis76.com has been removed. Our test site did not received the same security hardening that the system76.com production site receives. This lapse led to the exploit. Future development and testing will take place offline and with fake data whenever possible.
Your privacy is very important to us. We will work to keep it secure at all times.
KDE is the best
I got the same email and either my browser or operating system warned me to "get out of there" NICE!
Yes and I've said it before and I'll say it again, since it seems like such a difficult concept for everyone to wrap their heads around.its so easy to send fake emails from fake addresses. Theres no reason to assume it actually came from them.
My name, email address, and interest in System76 were all apparent in the emails. I would have ignored it if it was a vi@gra advertisement.
THAT is reason to assume that System76 is somehow related to this, aside from the fact that they are being impersonated in a phishing email.
Last edited by kh1116; March 31st, 2011 at 05:05 AM.