SixBid Hacked?

Discussion in 'Ancient Coins' started by Carthago, Apr 30, 2019.

  1. Carthago

    Carthago Does this look infected to you?

    Please be aware that people are receiving fake 2nd chance offers and invoices based on SixBid bidding. I've seen one of these myself from a friend and it had all of the requisite information - his name, address and even his bid amount - with a second chance offer and instructions to make payment if he was interested in purchasing the coin that he didn't win. It was a scam but it looks very official with all of that information.

    The email supposedly comes from the auction house directly like an invoice would for a bid you placed on SixBid. I have now been receiving emails from different auction houses warning that this is happening. I sent an email to SixBid which they responded to saying it wasn't a hack on their system which I find hard to believe at this point with it occurring with multiple auction companies. I personally think SixBid has been hacked.

    Please be vigilant with any 2nd chance offers or invoices you receive based on bids you've placed on SixBid. I personally love their website, but I'm unimpressed with their dismissal of this situation.
     
    Nyatii, fomovore, Jay GT4 and 13 others like this.
  3. Roman Collector

    Roman Collector Well-Known Member

    Thanks for the heads up!
     
  4. David Atherton

    David Atherton Flavian Fanatic

    I never place my bids through Sixbid and always go through the auction houses directly. The site is excellent for one-stop-shopping to help game out bidding though.
     
    Paul M. and Orfew like this.
  5. Andrew McCabe

    Andrew McCabe Well-Known Member

    Even if you don't place bids, Sixbid's hacking means the hackers still have all your personal information including your address etc. I have deleted my Sixbid account and moved entirely to Numisbids. I discovered this weeks ago rather by accident when visiting a Paris auction firm in person to enquire about what seemed like a genuine offer for a coin that a friend had bid on and where the buyer seemed to have walked away. They told me plainly that Sixbid had been hacked. Piecing together information from other sources this was evidently the case - it has nothing to do with the auction house. Looking at the information in the offer my friend has, it contained lots of personal information from his Sixbid account data.

    So the hackers likely have all the information in your Sixbid account already. Whether or not you use them to bid.

    I checked the Sixbid website at the time. There was no warning on the main page and only the tiniest subdued notice on the account page suggesting you consider changing your password. I was so appalled at their lack of care to customers, reinforced when I heard that they were denying being hacked in responses to queries, that I deleted my account (you need to write to them to do so, it cannot be done from within the website).

    Still it is too late for me. The hackers already know where I live and a great deal of other information about me. And they know where you live too.

    Had Sixbid taken even a normal amount of care with this issue - a very prominent banner explaining what happened on the top of the main page, a general advice to be very cautious with anything that might stem from your account data, an apology, a personalized email expressing much of same - then I'd likely not have quit the site. But they showed an utter disregard for the safety of their customers. I wonder are they even in breach of EU GDPR data management requirements (someone here might know what expectations are to a hacking event).
     
    Last edited: May 1, 2019
  6. David Atherton

    David Atherton Flavian Fanatic

    Very interesting. I can understand how hackers who have hacked into the Sixbid website would be able to see what bids you have placed if you use Sixbid as the proxy, but how would they know if you had placed bids on other independent websites and not using Sixbid as a proxy?

    After your warning I logged into my Sixbid profile (after not having done so in ages) and saw this discreet notice.

    [Attached image: warning.JPG]

    And you're correct, nothing at all on the main pages about this! Troubling indeed.
     
    Carthago and FooFighter like this.
  7. Andrew McCabe

    Andrew McCabe Well-Known Member

    They don't know what bids you placed on other sites of course. They still know your account information on Sixbid whether or not you bid with them - your personal information. You presumably have an account with some personal information in it and log in to bookmark coins etc. If you never intend to use the account for any purpose, consider deleting as I did. Or falsifying the personal information within, filling in fake address and contact details. Still even if you do all this the hackers have your email and know it to be a good one - a buyer at auctions - and presumably will be spamming you right now.
     
  8. lordmarcovan

    lordmarcovan Eclectic & Eccentric Moderator

    Thanks for the heads-up.
     
  9. Ed Snible

    Ed Snible Well-Known Member

    I have changed my password.

    It is possible that Sixbid wasn't hacked. It should be possible to get high bids from following auction closings and email addresses by correlating usernames and emails through mailing lists and other web sites.

    The Sixbid account page has a banner reading "The email adress (sic) "numismatics.site" and "bidserver.info" is currently sending faked invoices for faked wining bids. Please ignore them as they are not from the auction house."

    numismatics.site has an address and phone number in the United Arab Emirates. It also has a person's name, but I am not sure if I should post it here, as it could have been hacked.

    bidserver.info is registered in Panama but the contact information is hidden using WhoisGuard Inc.
     
  10. Carthago

    Carthago Does this look infected to you?

    Highly unlikely. The email I saw had the bidder's full name, mailing address, telephone number and his bid since he was the underbidder. That information cannot be gleaned from public sources.
     
  11. red_spork

    red_spork Triumvir monetalis

    From my understanding working in a field where this is very relevant, a data breach must be reported within 72 hours but little is being done to enforce it or fine those who delay notification.
     
  12. BenSi

    BenSi Well-Known Member

    I like Sixbid as well, however I prefer to bid directly with the auction house. I recently had an auction house accept my bid through 6 bid but did not honor it at auction's close, said I was not an approved bidder.

    In regards to Sixbid being hacked, they sent out an email March 11th regarding a security issue; of course they did not admit to being hacked but asked you to change your password.
     
  13. Limes

    Limes Well-Known Member

    Thanks for the message. Guess change your password and don't accept strange offers and we will be fine. And hackers that know my address are welcome to admire my modest collection, but don't take it away!
     
  14. Domitian21

    Domitian21 New Member

    Changing your password will not help at all. With so many auction houses and bidders concerned, most probably the Sixbid database was hacked, which means that they have access to all your data without the need of any password.
     
  15. Sulla80

    Sulla80 Well-Known Member

  16. Pavlos

    Pavlos You pick out the big men. I'll make them brave!

    Got this email from Nomos

    Fake invoices for Nomos clients that placed bids through Sixbid.



    We would like to inform our clients that due to the security breach on Sixbid, collectors that have placed their bids through Sixbid's bidding platform might have received an email from the fake email address "contact@nomosag.com.auction1.host" with the subject "Winning Bid Confirmation". This contains a fake invoice in the name of our company, which you can easily recognize by the lack of the buyer's fee, the wrong hammer price and definitely the lack of style. Please be sure to IGNORE THIS EMAIL and let Sixbid know through the following address: info@sixbid.com.

    If you have any doubts about the invoice that you received please contact Nomos through the following address: info@nomosag.com. Official Nomos invoices are only sent through the following email addresses: info@nomosag.com or nomos@nomosag.com. If you accidentally paid a fake invoice, please ask your bank to recall the transaction as it was a result of a fraud.

    Please note that only clients that have placed their bids through Sixbid might have been affected.

    We apologize for any inconvenience,

    Nomos AG Zurich
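
As an added example, not written by any poster in this thread or by Nomos: the sender check the Nomos notice describes, applied to an e-mail's From header. The official addresses and reported fake domains are the ones quoted in the thread; the function name, result labels and sample headers are constructed for illustration.

```python
from email.utils import parseaddr

# Official Nomos sender addresses, as listed in the notice quoted above.
OFFICIAL_SENDERS = {"info@nomosag.com", "nomos@nomosag.com"}
OFFICIAL_DOMAINS = {a.rpartition("@")[2] for a in OFFICIAL_SENDERS}
# Sender domains named in the Sixbid account-page banner quoted in this thread.
REPORTED_FAKE_DOMAINS = {"numismatics.site", "bidserver.info"}


def classify_sender(from_header: str) -> str:
    """Classify the visible From address of an invoice e-mail."""
    # parseaddr separates the display name from the real address, so a
    # display name that merely contains a trusted address is ignored.
    _display, addr = parseaddr(from_header)
    addr = addr.strip().lower()
    local, at, domain = addr.rpartition("@")
    domain = domain.rstrip(".")
    if not (local and at and domain):
        return "unparseable"
    if addr in OFFICIAL_SENDERS:
        return "official-address"
    if domain in OFFICIAL_DOMAINS:
        return "official-domain-unlisted-address"
    # The trick in the fake Nomos mail: the real domain appears as the
    # leading labels of a different domain (nomosag.com.auction1.host).
    if any(domain.startswith(d + ".") for d in OFFICIAL_DOMAINS):
        return "lookalike-embeds-official-domain"
    if any(domain == d or domain.endswith("." + d) for d in REPORTED_FAKE_DOMAINS):
        return "reported-fake-domain"
    return "unknown-sender"


# Constructed sample headers; only the addresses quoted in the thread are real.
SAMPLES = [
    "Nomos AG <info@nomosag.com>",
    "Nomos AG <contact@nomosag.com.auction1.host>",
    "Auction Invoice <invoice@mail.numismatics.site>",
    "accounts@nomosag.com",
    "Coin Dealer <sales@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):35} {header}")
```

The From header is not authenticated, so an "official-address" result only means something alongside the receiving mail server's SPF/DKIM/DMARC verdict.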
     
  17. Pellinore

    Pellinore Well-Known Member

    Very dangerous. It will cost Sixbid a lot of clients, perhaps rightly so if they were careless. I hope the other sites (including CoinTalk) are warned now.
     
    Last edited: May 8, 2019
  18. Carthago

    Carthago Does this look infected to you?

    I received the same email from Nomos and I've heard that NAC has warned its customers due to the breach.

    The problem here is that SixBid has known about this for months now and has blamed it on its customers and their passwords being compromised. That is clearly not the case because SixBid itself has been compromised and they refuse to admit it or fix it.
     
    Domitian21 likes this.
  19. Ken Dorney

    Ken Dorney Yea, I'm Cool That Way...

    If one checks out sites like Credit Karma or others you will see there have been some huge and significant data breaches of late. It may be that Sixbid was not hacked directly, but a password was ultimately obtained via one of these breaches and utilized. It reminds us to change our passwords on occasion...
     
  20. Domitian21

    Domitian21 New Member

    Ken, this may be the case if one or a handful of accounts were compromised, but not in these numbers. In my opinion, it is way more likely that Sixbid got hacked than that hundreds of different accounts (auction houses and bidders alike) are compromised due to passwords obtained from some other breaches.

    Even though some use a single password on many different websites, it would be a huge coincidence if you found more than a handful of matching passwords of bidders that submitted their bids exactly for this one auction that has just finished.
     
    Last edited: May 8, 2019
  21. Ken Dorney

    Ken Dorney Yea, I'm Cool That Way...

    OK. I am sure some people may not understand or have experience with how this works. Likely one person (perhaps more) was hacked. That person was an administrator or owner of Sixbid with complete access to the entire site, including all its users and their passwords. That is how it worked. It doesn't work any other way. Either a single or multiple admin users were hacked.
     
    Pellinore likes this.