As someone who’s getting more and more into miniatures gaming, it scares me a bit to hear what just happened to Reaper Miniatures. A group of hackers has stolen Reaper’s customer information, including credit card numbers used on the site’s online store, and is demanding money to keep from making the information public on the web. Hopefully the FBI and whoever else gets involved in this sort of thing can sort it out soon, and let Reaper get back to concentrating on great miniatures. The full announcement from Reaper’s website is reprinted below.
Notice posted on Reaper Miniatures website:
An international group of professional hackers has used a new exploit to grab the encrypted user information of at least several dozen companies in the US. This attack targeted all of these companies respective eCommerce sites. Among these companies is Reaper Miniatures. This puts us in the elite company of Amazon.com and Microsoft, so I guess we’ve finally “made it”.
These criminals are demanding an extortion fee to prevent them from making sensitive user information public on the internet. They have told us they are able to decrypt our customers’ credit card information. We cannot verify this fact, however it is prudent to inform our customers of this possibility so they may take appropriate action.
We will not succumb to their threats, and are instead going to our customers so they can take appropriate actions to protect themselves.
We are in contact with the FBI and other law enforcement agencies to deal with these criminals. We have taken our store offline while we evaluate any existing threats.
In addition to this news bulletin, we will be emailing and calling any customer this issue may have affected. For correspondence regarding this, please direct all queries to firstname.lastname@example.org.
Please do not call us directly, rather email with any questions. We will respond to your email messages in a timely fashion in the order in which they are received.