Jump to content
cclarry

Steinberg Warning

Recommended Posts

Currently in online chat with Steinberg.  Logged into my account and EVERYTHING
was gone.  I've been a Steinberg customer for YEARS.  Every product was NO LONGER
in my account, and they said that they showed it registered to some Chinese person...
so China may be hacking Steinberg accounts....

Just a heads up to make sure your accounts are in tact...

  • Thanks 3
  • Sad 3

Share this post


Link to post
Share on other sites

Thanks for the heads up, Larry.

Mine's all still there, but I hope Steinberg are on top of this.

jdf

Share this post


Link to post
Share on other sites

I had just upgraded from AI to Elements 10 in Nov of last year...as well as had older
licenses for Artist 7.5, and several others in there...NOW they are all gone.  They
gave me a NEW license for Elements 10, after sending them the receipt...then the
chat guy ended the chat before I could say anything else!  

I had plans on upgrading to Pro soon, but I am seriously rethinking that now...

Edited by cclarry

Share this post


Link to post
Share on other sites

That's a very scary cautionary tale.  I guess the lesson is start keeping every receipt.  You figure that companies would keep their own receipts off line somewhere in case this sort of thing happens (which it seems to do every day).

  • Like 1

Share this post


Link to post
Share on other sites

Also, use encrypted passwords, use a different password for every account and two-factor authentication on emails as that is the most common way for people to lose things is when they have access to your email account and can change passwords.

  • Like 1
  • Great Idea 2

Share this post


Link to post
Share on other sites

Thanks for the heads-up!  I just changed my password to a stronger one.  

Share this post


Link to post
Share on other sites
45 minutes ago, Lee D said:

Thanks for the heads-up!  I just changed my password to a stronger one.  

So did I!

Thanks for the heads-up Larry.  Bad news the way that Steinberg handled your situation.

Share this post


Link to post
Share on other sites

@cclarry the good news is that if you go Pro and have the eLicenser dongle, they really can't steal it without the physical dongle.  So maybe that's actually an argument in favor of the dongle?

  • Like 2

Share this post


Link to post
Share on other sites

I've been a customer since Cubase 5...many years.
To suddenly have everything in my account gone was
quite the shock...not happy.  I didn't have much in there
but, nevertheless, not happy

Share this post


Link to post
Share on other sites
4 minutes ago, Finnbogi Ragnar Ragnarsson said:

According do GDPR regulations they MUST inform users of known security breach within 72 hours. If they don't, they will land themselves in serious trouble.

That's true, but it does depend on the type of security breach.

If it's just one person's account, and there was no actual breach on their server (in other words, the breach was on the user's machine), then they're in the clear.

If it is a breach on their server though, they have to report it... else the fine will cost them big time.

Share this post


Link to post
Share on other sites

Not only that but a lot more people would be affected had it been a breach. This sounds more like something that happened off their servers and with a more common method of account exploiting.

Share this post


Link to post
Share on other sites
9 hours ago, TerraSin said:

...use a different password for every account ...

^^^ This!   ^^^   DO NOT REUSE THE SAME PASSWORD WITH THE SAME EMAIL ON ANY 2 ACCOUNTS!  It's just a matter of time if you do...    (And the other things that TerraSin said too.)

 

Sorry to hear about this Lars, that sucks.  Start changing passwords if you are using the same one!

Edited by mibby

Share this post


Link to post
Share on other sites
2 minutes ago, Lee D said:

I think cclarry is an American so it doesn't apply though 

Steinberg is a EU based company so it definitely does apply, regardless of where the user is based.

Also any company that does business with the EU or EU citizens has to comply with GDPR.  I work for an American company, and it was clearly explained to us.

I've seen quite a few American websites that refuse to work if your IP address is based in the EU, to avoid having to comply with the regulations.

Share this post


Link to post
Share on other sites
3 minutes ago, msmcleod said:

Steinberg is a EU based company so it definitely does apply, regardless of where the user is based.

Also any company that does business with the EU or EU citizens has to comply with GDPR.  I work for an American company, and it was clearly explained to us.

I've seen quite a few American websites that refuse to work if your IP address is based in the EU, to avoid having to comply with the regulations.

I don't think that's correct.  I am not an expert, but I have had training also.  My understanding is that the GDPR regulations only apply to data about European citizens, regardless whether they are at home or abroad.  GDPR regulations would not apply to a non-European citizen, regardless of where the servicing company is based.  

Share this post


Link to post
Share on other sites
1 minute ago, Lee D said:

I don't think that's correct.  I am not an expert, but I have had training also.  My understanding is that the GDPR regulations only apply to data about European citizens, regardless whether they are at home or abroad.  GDPR regulations would not apply to a non-European citizen, regardless of where the servicing company is based.  

I guess strictly speaking, you're correct as far as the privacy part of GDPR. 

But for data breaches though, any EU based company needs to report it (or a non-EU based company if it involves EU citizens). Even in the unlikely event that the breach at an EU based company only affected non-EU citizens, I think they'd be on dubious grounds legally should it come to light.

 

Share this post


Link to post
Share on other sites
1 minute ago, msmcleod said:

I guess strictly speaking, you're correct as far as the privacy part of GDPR. 

But for data breaches though, any EU based company needs to report it (or a non-EU based company if it involves EU citizens). Even in the unlikely event that the breach at an EU based company only affected non-EU citizens, I think they'd be on dubious grounds legally should it come to light.

 

Yeah you're probably right.  I know the fines for not complying with GDPR are outrageously high, so they'd probably err on the side of giving too much information.  

Share this post


Link to post
Share on other sites

The person who my licenses were registered to had a Chinese email address...
which says a lot.  The question is "how?".  

I told the guy in chat

"Somethings rotten in Denmark"

He replied "Oh, you're in Denmark"
I said "no"
He replied "I don't get the reference then"
I replied "Shakespeare"
It was at this point that hey quickly terminated the chat.

  • Haha 5

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×
×
  • Create New...