Highlife seeds scam? Or is Attitude starting to "sell" our private info?

Not open for further replies.
Well I have to do some Major Damage Control over this. I mean they have everything all my REAL info......I dont see RIU or Attitude as at major fault the best systems can get hacked but now they have a major problem and I dont feel safe anymore. I knew I shouldnt of bought those seeds dureing the give away.
Just got this from the Attitude

We are aware of some of our newsletter subscribers have been emailed by this company. We are looking into this matter with the utmost urgency and have already contacted the http://www.yourmailinglistprovider.com/ who sent this email on behalf of highlife.
Our email newsletter and addresses are not held on the same data base, so if these emails have been stolen, please be aware that there has not been a breach of any other sensitive information other than email addresses.

We have previously implemented 300 specific emails in the newsletter email data base, this will verify if the email addresses have been stolen. If it happens to be the case this is an illegal action and there will be a case for the 2 companies ‘Highlife’ and the mailing company to be taken to court for damages, theft, and unethical business practice. If the email data base has been stolen this would be very easy to prove, hence helping us discipline and Take action against them.

Attitude Apologies profusely for any concern this may have caused you, and we would like to stress again that we are doing everything we can to resolve this and we are not taking this matter lightly.
Adam H
The Attitude Seedbank

this is worth reshowing - sounds like the more likely cause, attitude's database(s) were compromised, looks like some RIU info was gathered also
i see the thread grew pretty quick overnight - but remember it takes time for a company to respond to situations like these
so it's not good, but probably no worse than having any other company you've done business with having the same problem
Its unfortunate that this thread started to break down a little, but I think the intent has to be the same. Attitude had a breach and needs to watch their doors better. They need to feel the sting of consumer angst and the only way to do that is by boycotting them and keeping your money, or at least spending it else where.

Please every one remain focused on the issue and not on attacking each other. And remember, a boycott is a voluntary thing. You're right, it won't break them, but if you think that 10 orders down, 20, maybe 50 doesn't sting a little, you're wrong. I don't want them to cease to exist, but I do want to give them a spanking.

You have to admit, they're being pretty non-challant about it. "Ah, no big deal, they only got the e-mail database". Bullshit. They got the real database, with addresses, and names.

And I'm a network architect and systems engineer. I design the systems you guys are probing at and I assure you, it should not have been that easy. Not if they were following international guidelines for conducting e-commerce. not if they have implemented the base level of security require to co duct business on the Internet. Like I said, they're not a peace loving commune full of hippies, this is a business and needs to act responsibly, take our data security and personal information security very seriously, and be held accountable for their mistakes.

And for those of you who think this isn't a big deal. Have you ever had a gun pointed at your family because some fucking pig decided that his morals outweigh your freedoms? I don't think so. I never have either, bit I've seen it happen when a grow room gets found, legal or not. Thanks to this breach, its one step closer to happening to me. And i sleep with a gun next to me, so you know thats not going to go well.

It is a big deal, it is important and not just to us, it should be important to all of us. Were all in this together, whether you grow, breed, or just smoke. We're not second class citizens because we smoke, we're enlightened. And my eyes are wide fucking open now.

Well if you guys put your real name and didn't send it to a PO box and gave valuable payment info, tough luck. That wasn't very smart.
Well if you guys put your real name and didn't send it to a PO box and gave valuable payment info, tough luck. That wasn't very smart.

i've been ambivalent about the value of a PO box
but this case does show there is value, keeps your address/name off seed seller's databases
I'm a network architect and systems engineer. I design the systems you guys are probing at and I assure you, it should not have been that easy. Not if they were following international guidelines for conducting e-commerce. not if they have implemented the base level of security require to co duct business on the Internet. Like I said, they're not a peace loving commune full of hippies, this is a business and needs to act responsibly, take our data security and personal information security very seriously, and be held accountable for their mistakes.
Yea I have to agree it shouldn't be that easy but when I probed I got Ip Address of the servers and the site IPs. I used the built in Dos program in Windows 98 to probe the site and to see how many servers and computers it goes through. That should have never been that easy and fast since I had pings no higher then around 100ms. I was gonna buy a PS3 controller but when PSN got hacked and taken down I haven't bought a single Sony product still they get it back up and running and possibly not for at least 2 to 3 months maybe 5 months still I buy a Sony product.

BOYCOTT! ATTITUDE they need to step up their game and secure their systems better and the server systems their site runs through should step up their security.

If I'm gonna buy seeds offline it will be fruits and vegetables that I can't find in the storeand I will only pay cash. I'd rather lose some cash then lose my CC number and get money racked onto it and possibly be stuck with the bill.Protect your CCs use pre-paid cards that are about to expire or send cash. Never use your real name of any sorts online and if your gonna order seeds see if they have an order forum that you can use also try not to use your real address, phone number and such. For me all the sties that I am a member on for all they know I live in Canada and the US in the stores not in a house.
yeah I made a mistake of putting my actual info into the billing address because I figured it had to match my CC information or it wouldn't be processed. I wasn't aware that the information would be shared with anyone interested in knowing my personal information. I'm not really too worried about LEO because I operate under the law but not everyone is so lucky. Also, if they got that information, who's to say they didn't get my CC information that I provided at the time too? They have already had problems with peope gathering this infomation and using people's accounts to buy things that were never authorized. In this biz, security should be the #1 priority and I can't even erase the information from the site so I told them to cancel my account.

I never even signed up for the newsletter and this information came directly from their site, from my account and order information, not RIU and not from any information that should have been public.
po box/ nah why waste time/effort..listen i have been saying this for a very long time and very few seem to listen.... you use the credit card of someone else who grows nothing..girlfriend, cousin sister whoever...you have seeds sent to their address on their credit card..again they have nothing to hide...you set up a email address for 2 weeks to order seeds/track order...then forget about it..next time you want to order again ..set up new email address...email address is free and takes 2 minutes..give cash to girlfriend or whoever and use their card..this is not hard to grasp.
po box/ nah why waste time/effort..listen i have been saying this for a very long time and very few seem to listen.... you use the credit card of someone else who grows nothing..girlfriend, cousin sister whoever...you have seeds sent to their address on their credit card..again they have nothing to hide...you set up a email address for 2 weeks to order seeds/track order...then forget about it..next time you want to order again ..set up new email address...email address is free and takes 2 minutes..give cash to girlfriend or whoever and use their card..this is not hard to grasp.
Why waste time and effort? Because a good PO box is a rare commodity. A very valuable asset.
po box/ nah why waste time/effort..listen i have been saying this for a very long time and very few seem to listen.... you use the credit card of someone else who grows nothing..girlfriend, cousin sister whoever...you have seeds sent to their address on their credit card..again they have nothing to hide...you set up a email address for 2 weeks to order seeds/track order...then forget about it..next time you want to order again ..set up new email address...email address is free and takes 2 minutes..give cash to girlfriend or whoever and use their card..this is not hard to grasp.
Or the seller could just make sure our information is secure and guarantee themselves more more business in the future. Attitude has already costed themselves one order and many potential orders from me while sannies just got another one. Unless I absolutely have to have it, I'm not going to go out of my way to get an order from them anymore.

this pic from greenthumb comes to mind.
This email just received from Highlife seeds:

HighLifeSeeds.com to me
show details 4:26 AM (4 hours ago)

We are aware of an issue with a now ex- affiliate of our website sending emails
Promoting their affiliate links to earn revenue and in doing so they used made
up/fictional order id# to get people to open emails.

We have terminated the affiliates account and banned all email marketing in
any Shape or form by our affiliates.

We do not hold any of your information at all not even your name or email as
we did not send any email.

Affiliate programs are very common and members join, promote a website & earn
commission on sales. This affiliate violated our terms and has been removed
with forfeiture of any accrued commissions


Customer Support
When only the best is ever enough!

Getting somewhere now.....

po boxes are an extremely smart idea, i always recommend them....however, i dont use one...im in a legal state and have been fucked with by the state police before with no repercussions (i made them look stupid) so i know they wont fuck with me again, if the feds wanna waste time and money coming after a little legal, sick grower like myself well then i say bring it on.
Or the seller could just make sure our information is secure and guarantee themselves more more business in the future. Attitude has already costed themselves one order and many potential orders from me while sannies just got another one. Unless I absolutely have to have it, I'm not going to go out of my way to get an order from them anymore.

this pic from greenthumb comes to mind.
View attachment 1586863

While this picture comes to mind when I see that.

The Attitude to me
show details 4:23 AM (5 hours ago)
Hi There,
We are aware of some of our newsletter subscribers have been emailed by this company. We are looking into this matter with the utmost urgency and have already contacted the http://www.yourmailinglistprovider.com/ who sent this email on behalf of highlife.

Our email newsletter and addresses are not held on the same data base, so if these emails have been stolen, please be aware that there has not been a breach of any other sensitive information other than email addresses.

We have previously implemented 300 specific emails in the newsletter email data base, this will verify if the email addresses have been stolen. If it happens to be the case this is an illegal action and there will be a case for the 2 companies ‘Highlife’ and the mailing company to be taken to court for damages, theft, and unethical business practice. If the email data base has been stolen this would be very easy to prove, hence helping us discipline and Take action against them.

Attitude Apologies profusely for any concern this may have caused you, and we would like to stress again that we are doing everything we can to resolve this and we are not taking this matter lightly.

Many Thanks,
Have a great day,
Jodie @ The Attitude

Still no word from RIU but we have their attention now....

The Attitude to me
show details 4:23 AM (5 hours ago)
Hi There,

Our email newsletter and addresses are not held on the same data base, so if these emails have been stolen, please be aware that there has not been a breach of any other sensitive information other than email addresses.


If they only got the emails, how did they ALSO get names and addresses????? Attitude = lying
Not open for further replies.