So Paxum what does FinTrac have to say about the data/security breach?

[signupdamnit]

https://gfy.com/showthread.php?t=1110227

What "policies" and actions have you put in place to protect everyone? Are you providing free credit monitoring service and identity protection service to people as a real bank would do in this case?

Wait. Fintrac doesn't know or care, do they? Hmmm.

[AllAboutCams]

Bump ...........

[bigluv]

The silence is deafening, what a disappointment

This is so disappointing I'd say it's MR-level where a "withdrawal from the boards" may be in order.

[candyflip]

Anyone with an account there should be pissed.

[LRS]

paxum is the worst company I have ever dealt with. Siwtch over to payoneer before they pull an epassporte on your funds

[Fat Panda]

Has anyone contacted the Canadian authorities?

[Lichen]

[brassmonkey]

Quote:

Originally Posted by LRS

paxum is the worst company I have ever dealt with. Siwtch over to payoneer before they pull an epassporte on your funds

wow thats a pretty big statement

[signupdamnit]

RuthB, last year, May 22, 2012, on the security of your verification info and the consequences Paxum faces in the event of a security or privacy breach:

Quote:

Everybody must follow these procedures. These procedures are also audited ON-SITE by FINTRAC and Mastercard and our banking partners, and we have never had a problem. If there was an obvious data breach like the ones you suggest could happen, our license would have been revoked a long time ago, and due to the strict privacy laws of Canada, there would likely be legal issues as well. This is simply NOT the case because we comply with ALL procedures and regulations.

https://gfy.com/showpost.php?p=18959225&postcount=65

Compare and contrast to the way the breach in the first post was handled.

I need to note that I have nothing personal against Ruth other than an apparent history of working for ethically challenged companies. I'm sure the policies and the way these things are dealt with come from direction at the top of the company. I wouldn't want her job (defending Paxum) for quadruple the pay because it's a tough job indeed.

[helterskelter808]

I'm no Paxum fanboy -- as I've said before, you're out of your mind if you hand over the info they demand -- but these anti-Paxum threads are getting ridiculous.

It turns out LRS was butt-hurt because Paxum wouldn't let him use two different Paxum accounts with two different identities. One of which was effectively a false identity, since he had legally changed his name.

And OP, if there's something about Fintrac or Paxum that you believe you are entitled to know, wouldn't it make more sense to contact them, rather than starting threads about it here?

[Best-In-BC]

[Fat Panda]

if TRUE someone with EVIDENCE needs to contact MasterCard and Canadian Authorities ASAP!

[signupdamnit]

Quote:

Originally Posted by helterskelter808

And OP, if there's something about Fintrac or Paxum that you believe you are entitled to know, wouldn't it make more sense to contact them, rather than starting threads about it here?

I was being facetious. I know full well that FINTRAC isn't monitoring Paxum for compliance with privacy laws, the security of user's information, or financial health. I'm only trying to point it out to others who might not be aware. In the past Paxum has presented their monitoring by FinTrac in a way which made it appear that they were subject to full financial and privacy audits by FINTRAC (see also: 1, 2). It was very dishonest in my opinion and I first noted it over a year ago.

My point is that it's basically the wild wild west. Just like Epassporte, Paxum can pretty much do whatever they want. There is very little regulation over their activities at present as compared to a legitimate bank. There are anti-money laundering procedure but those aren't in place to protect you. People deserve to be aware and not misled to believe they are being regulated more than they are.

[seeandsee]

what is with this paxum threads?

Hey i use them, i learned something from epass-past so i am doing regular weekly balance withdraw and i don't worry about possible problems. I didt have any problems with them, great service so far, so i will continue to use them.

[Chris]

https://gfy.com/showpost.php?p=19646475&postcount=76

[Chris]

this thread is pretty much pointless, it's clearly a cry for attention on a rainy Wednesday afternoon.
if you want to see the whole discussion, go the original thread https://gfy.com/showpost.php?p=19646475

you are welcome to complain to the Canadian authority of your choice if you think you are being mistreated. I'm pretty sure nobody from the Canadian government reads gfy.

[helterskelter808]

Quote:

Originally Posted by signupdamnit

I was being facetious. I know full well that FINTRAC isn't monitoring Paxum for compliance with privacy laws, the security of user's information, or financial health. I'm only trying to point it out to others who might not be aware. In the past Paxum has presented their monitoring by FinTrac in a way which made it appear that they were subject to full financial and privacy audits by FINTRAC (see also: 1, 2). It was very dishonest in my opinion and I first noted it over a year ago.

My point is that it's basically the wild wild west. Just like Epassporte, Paxum can pretty much do whatever they want. There is very little regulation over their activities at present as compared to a legitimate bank. There are anti-money laundering procedure but those aren't in place to protect you. People deserve to be aware and not misled to believe they are being regulated more than they are.

I don't think there's a single thing you could say to Paxum die-hards that would make them stop using it. And why care so much anyway? If you don't have any money with them, it's not your problem.

As for Epassporte, I never trusted them, mainly because they were based in some Caribbean banana republic. I don't think that's why they collapsed though.

[brassmonkey]

Quote:

Originally Posted by signupdamnit

RuthB, last year, May 22, 2012, on the security of your verification info and the consequences Paxum faces in the event of a security or privacy breach:



https://gfy.com/showpost.php?p=18959225&postcount=65

Compare and contrast to the way the breach in the first post was handled.

I need to note that I have nothing personal against Ruth other than an apparent history of working for ethically challenged companies. I'm sure the policies and the way these things are dealt with come from direction at the top of the company. I wouldn't want her job (defending Paxum) for quadruple the pay because it's a tough job indeed.

make the call then

[signupdamnit]

Quote:

Originally Posted by Chris

this thread is pretty much pointless, it's clearly a cry for attention on a rainy Wednesday afternoon.
if you want to see the whole discussion, go the original thread https://gfy.com/showpost.php?p=19646475

you are welcome to complain to the Canadian authority of your choice if you think you are being mistreated. I'm pretty sure nobody from the Canadian government reads gfy.

The thread wasn't posted today. It was posted yesterday morning. You know when the incident had already been happening for several hours and all the Paxum reps were ignoring the matter. Someone bumped it a few hours ago.

I would say that making some noise finally worked. It took you guys over 24 hours to make a proper statement about it and the only reason you probably did that is because people were bumping the threads.

[Chris]

Quote:

Originally Posted by signupdamnit

The thread wasn't posted today. It was posted yesterday morning. You know when the incident had already been happening for several hours and all the Paxum reps were ignoring the matter. Someone bumped it a few hours ago.

I would say that making some noise finally worked. It took you guys over 24 hours to make a proper statement about it and the only reason you probably did that is because people were bumping the threads.

Okay a stormy tuesday.

It was not ignored - just felt no no need to entertain this type of thread.

[Chris]

There was NEVER a "data/security breach" or any hack as some people in this thread suggests, please read and UNDERSTAND first what the issue was in the other thread before spreading false information.

There is a fine line between freedom to write your personal opinion in public and hurting other people with lies and misinformation

[signupdamnit]

Quote:

Originally Posted by helterskelter808

I don't think there's a single thing you could say to Paxum die-hards that would make them stop using it. And why care so much anyway? If you don't have any money with them, it's not your problem.

As for Epassporte, I never trusted them, mainly because they were based in some Caribbean banana republic. I don't think that's why they collapsed though.

True. I guess it just pisses me off a little when someone lies to me as if I am a sucker. See the first link in the message you quoted where I ask about regulations and Ruth replies by bringing up FINTRAC as if they regulate them in regards to the things I was speaking of. I never forget shit like that. I'm still stuck back in the times when we all helped one another too. But yeah I said what I needed to. If someone doesn't know by now it's their own fault.

[Chris]

Quote:

Originally Posted by Chris

There was NEVER a "data/security breach" or any hack as some people in this thread suggests, please read and UNDERSTAND first what the issue was in the other thread before spreading false information.

There is a fine line between freedom to write your personal opinion in public and hurting other people with lies and misinformation

Quote:

Originally Posted by signupdamnit

True. I guess it just pisses me off a little when someone lies to me as if I am a sucker. See the first link in the message you quoted where I ask about regulations and Ruth replies by bringing up FINTRAC as if they regulate them in regards to the things I was speaking of. I never forget shit like that. I'm still stuck back in the times when we all helped one another too. But yeah I said what I needed to. If someone doesn't know by now it's their own fault.

I put the important bits in bold for you.

[brassmonkey]

Quote:

Originally Posted by Chris

I put the important bits in bold for you.

what was it then??

[signupdamnit]

Quote:

Originally Posted by Chris

There was NEVER a "data/security breach" or any hack as some people in this thread suggests, please read and UNDERSTAND first what the issue was in the other thread before spreading false information.

There is a fine line between freedom to write your personal opinion in public and hurting other people with lies and misinformation

Sue me then.

People were able to gain information they would not be normally expected to be able to gain by Paxum account holders. This included details such as their phone numbers and physical address. You can't tell me Chase bank wouldn't treat it as a security breach if any other account holder under a certain class could get any other account holder's personal information simply by sending them 25 cents. That is a data and privacy breach, sir. Spin it any way you want.

[signupdamnit]

Quote:

Originally Posted by Chris

I put the important bits in bold for you.

It WAS a security/data/privacy breach. 100%. See previous post.

In regards to lies well I believe there have been many of those but I was speaking of this:

https://gfy.com/showthread.php?t=1061034&page=2

Quote:

Originally Posted by signupdamnit

All this only shows why governments typically have to monitor and regulate such services. I don't have a full grasp of what happened here but from what I gather transactions were reversed from Party B and Party C because of a fraudulent transaction from Party A. I think the reversal from Party B would be expected but the reversal from Party C is potentially a problem.

Party A > Party B > Party C

It seems wrong for Paxum to reverse transactions and take funds from Party C due to what happened with Party A when Party C has had no business dealings with Party A. Further by what process does Paxum use to decide which third parties who did business with Party B will get their transactions reversed? For instance maybe Paxum is reversing transactions for affiliates first to cover losses but taking from sponsors and other service providers last. Or maybe it's being done based on who has the most money in their account to take at the time. Or dare say it might even be based on who Paxum likes the best.

So we see where it can all be a problem and there can be a conflict of interest and it seems we need some kind of regulation here. Which entity is it again in Canada which is regulating Paxum? I think when they first started they mentioned they were regulated in some way over there. It may be worth contacting that entity and asking them to confirm that Paxum is following all applicable regulations. There are reasons for certain regulations being in place. Personally at some point I think Paxum should be the one's to take the loss rather than innocent third parties. This then provides some incentive for Paxum to be more careful in regards to processing fraudulent transactions.

Another question here is when Paxum changed the procedures for handling this were they required to publish this anywhere and give notice and did they? It almost appears they decided how to handle this on-the-fly. Is that legal?

Quote:

Originally Posted by RuthB

@signupdamnit - You're thinking of FINTRAC. Here is our listing - http://www10.fintrac-canafe.gc.ca/ms...19556-eng.html

It was dishonest to bring up FinTrac in reference to what I brought up because you know full well FinTrac does not regulate those things. But most people would not have bothered to check that to know it and for them seeing that FinTrac regulates Paxum would grant some legitimacy for most because they would assume that FinTrac is something that they are not.

She later clarified a little but still danced a but around the bush about the fact that basically there was no regulation over the situation.

It wasn't just a one time thing either.

https://gfy.com/showpost.php?p=18594778&postcount=7
https://gfy.com/showpost.php?p=18481336&postcount=44

I don't have time to sit here and reply all day because I don't have an employer paying me to do that. But there you go.

[candyflip]

Chris don't be an idiot. You are just digging a deeper hole trying to spin this your way.

[AdultKing]

Simplifying this.

I don't remember agreeing that Paxum (either directly or through it's API) could pass on to unrelated third parties my address or phone number or any other identifying information. However this is exactly what was happening through this "conceived long ago and overlooked since" "feature".

[Fat Panda]

how casual Paxum and their reps are treating this privacy breach is sickening

[brassmonkey]

thread bookmarked

[24/7 Blogging Crew]

[seeandsee]

Quote:

Originally Posted by AdultKing

Simplifying this.

I don't remember agreeing that Paxum (either directly or through it's API) could pass on to unrelated third parties my address or phone number or any other identifying information. However this is exactly what was happening through this "conceived long ago and overlooked since" "feature".

Nothing in TOS ?

[AdultKing]

Quote:

Originally Posted by seeandsee

Nothing in TOS ?

Quote:

2. OBLIGATIONS OF PAXUM
2.1 Paxum shall not disclose the PIN only reset the said PIN to cardholders for whose use it has been issued.
2.2 Unless otherwise approved by User or ordered by a court or arbitration body of acceptable jurisdiction, as determined by Paxum, Paxum shall not reveal User's contact or identifying information or transaction history to any third party.
2.3 Paxum will obey to any law enforcing agency and will disclose and help in all ways possible any criminal investigation concerning Paxum Users.

2.2 seems to tell me that they will not reveal my contact or identifying information to any third party unless there is a court order. However this "conceived long ago and overlooked since" "feature" did exactly that.