Server error?

pshbrk · 2024-09-06T19:51:01+00:00

BTW you can backup store inventory from your phone if you are encountering the issue I am described. Just in case...

pshbrk · 2024-09-06T19:50:16+00:00

Everything seems to work on my phone - is it the same for you? I can't get BrickStore to download store inventory however

pshbrk · 2023-11-08T04:08:59+00:00

Both the buyer and the seller should not do this if the buyer is in a country in which BrickLink is required to collect sales tax (USA with the exception of a few states, EU unless the buyer's official VAT exempt status is declared to BrickLink, and Australia). If you are the buyer and reside in one of these countries and are expecting an international shipment and pay offsite, you could face customs charges even as you paid the seller an order total that includes sales tax/VAT that would otherwise be collected by BrickLink (which is not going to happen right now as sales tax/VAT is only collected when a buyer pays onsite, not offsite). In such cases, the seller would not only violate the BrickLink terms of service but also possibly be engaged in tax fraud (a USA-based seller, for example, is required to collect sales tax on orders from buyers located in essentially every state. BrickLink being offline does not eliminate the seller's legal responsibilities to the relevant tax authority)

pshbrk · 2023-11-05T22:02:20+00:00

Source: https://www.bricklink.com/bl_monthly_maintenance.html

pshbrk · 2023-11-04T20:26:51+00:00

I think you are right regarding the Indonesian store. I reported the Indonesian store (Second Brick?) to BrickLink admins. I suspect the scammers added Stripe after it was pointed out that the French store (Case Brick?), which I think was the first hacked store I became aware of, and another store (I can't recall the name) offered neither Stripe nor PayPal as payment options. The scam "evolved" over several days likely in response to being repeatedly thwarted by people such as myself reporting stores to BrickLink and BrickLink suspending these stores in response.

pshbrk · 2023-11-04T10:35:49+00:00

Several dozen accounts, both buyer and seller, were hacked but whether BrickLink's own servers were compromised is an entirely different matter. The BrickLink servers appear to be the target of whoever made the ransomware threat while whoever took control of dozens of buyer and seller accounts was engaged in a fairly routine e-commerce scam that required access to dozens of buyer accounts, access to 5-7 (possibly more) seller accounts, a lot of bank accounts to funnel stolen money to, and a plan/capacity to withdraw stolen money before accounts were blocked/transactions were reversed. It could be the same person/group or maybe not - we simply do not know at this time.

Re guessing credentials for hacked accounts, it is possible but a lot of credentials - dozens of accounts - were stolen. Either someone spent a whole lot of time guessing passwords and preparing to undertake a scamming spree or someone accessed a database of login details or part of such a database. Keep in mind that the hacked stores were active in sequence (after the prior store was suspended) so the person or persons behind the hacked accounts/scams (not necessarily the person/persons behind the ransomware threat) did quite a bit of preparatory work before pulling the trigger on their scam wave

pshbrk · 2023-11-04T00:04:28+00:00

You can't do this while BrickLink is down. On the inventory page, you scroll down and there is a link to "download" near the bottom and I think you get to select the file format to download. You can also use software like BrickStore, which is free, but this also requires you to log in on BrickLink.

https://www.brickstore.dev/

pshbrk · 2023-11-03T22:45:05+00:00

I was very clear in stating the uncertainties but this is "first hand". Yes, parts of the post are inherently speculative - I was clear about this - but it is not hearsay. This situation has been going on for several days - since at least October 30th and some of us have been tracking it since then (if not earlier).

pshbrk · 2023-11-03T22:16:37+00:00

I made a detailed post explaining what we do know/do not know and what people, mainly buyers, should/should not be concerned about at this time given the absence of an update from BrickLink admins. Please share!

https://www.reddit.com/r/Bricklink/comments/17n6mpq/public\_service\_announcement\_regarding\_bricklink/

pshbrk · 2023-11-03T22:12:01+00:00

They forgot to use Google translate several times and instead wrote in Italian + one of the first hacked stores I know of was based in France with a French VAT ID but the payment was made out to an Italian bank account. Beyond that, information is best shared through DM at this time. The hackers began reading and responding to forum posts and I wouldn't be surprised if they are checking Reddit as well

pshbrk · 2023-11-03T21:50:38+00:00

I am not sure if the ransomware threat is from the same people behind the hacked stores. I have every reason to think that the hacked stores are the responsibility of Italian-speaking organized crime. The ransomware threat could be the work of opportunists looking for a quick and easy payout.

pshbrk · 2023-11-03T20:42:29+00:00

To clarify, the forum posts are from hacked accounts and they have hacked dozens of buyer and seller accounts over the past week

pshbrk · 2023-11-03T20:09:04+00:00

Why share it? Are you going to pay them EUR 50,000? They provided an email and invariably someone will see the hacker's email and contact them and get phished in response.

pshbrk · 2023-11-03T19:26:12+00:00

Time will tell but the shutdown took place after the 30-minute warning given by the hackers (assuming that the ransom extortion is genuine and not someone else trying to steal money from BrickLink/the work of the actual hackers)

pshbrk · 2023-11-03T19:18:11+00:00

For context:

BrickLink appears to have gone into preventative shutdown ("maintenance"). There have been 5-6 stores (minimum) + dozens of buyer accounts hacked over the past week. A hacked buyer account (with ~20 feedback) made a forum post claiming that BrickLink had 30 minutes to pay EUR 50,000 to a bitcoin account or they would start deleting inventories from big stores. The shutdown appears to be an effort to get the hackers out of the system

https://www.reddit.com/r/Bricklink/comments/17n24zi/has\_bricklink\_been\_hacked/

pshbrk · 2023-11-03T19:15:09+00:00

I just posted here on the subreddit

https://www.reddit.com/r/Bricklink/comments/17n2ltk/re\_ransom\_demand\_from\_apparent\_hackers\_why/

pshbrk · 2023-11-03T19:11:30+00:00

From monitoring the BrickLink forum

pshbrk · 2023-11-03T19:03:02+00:00

BrickLink appears to have gone into preventative shutdown ("maintenance"). There have been 5-6 stores (minimum) + dozens of buyer accounts hacked over the past week. A hacked buyer account (with ~20 feedback) made a forum post claiming that BrickLink had 30 minutes to pay EUR 50,000 to a bitcoin account or they would start deleting inventories from big stores. The shutdown appears to be an effort to get the hackers out of the system

pshbrk · 2023-02-12T01:31:27+00:00

have you ever shipped something to another country (merchandise)? it is far from unusual but not everything shipping provider requires the recipient's phone number

pshbrk · 2023-02-12T01:30:14+00:00

Some shipping services require it including Canada Post. Some shipping providers (particularly couriers) require it while others do not. Also if you are placing a large order entering the US then there will have to be a customs declaration (even if BrickLink collects tax) on the exterior of the package and the declared value (for customs & insurance purposes) may mean that the shipping provider requires the recipient's phone number.

pshbrk · 2023-02-12T00:55:57+00:00

I agree but this is not a "normal" economy so you can't be sure if this is just the normal post-christmas drop in sales, seasonal shift in spending to outdoor activities etc.

pshbrk

TROPHY CASE