Quantcast

Data Breach Statement

Utah Gun Exchange and UGETube remain dedicated to our mission of defending the First and Second Amendments and providing our users with a means to exercise their First and Second Amendment rights.  As we know, there are many who have attacked, or will attack, Utah Gun Exchange and UGETube in an effort to stop us from accomplishing our mission to help protect your constitutional rights.  We have recently learned of one such attack that affects you as our users.

Specifically, we learned that Utah Gun Exchange and UGETube were the target of an attack that resulted in the exposure of some of your information. While, with the exception of hashed passwords, the information that appears to have been taken from our systems is information that is publicly available when an advertisement is posted, we feel it is our responsibility to take every precaution to notify you, as our users, of the breach so that you can take any action you feel is necessary to protect your information.  

All transaction information is handled directly through PayPal using their secure and internal systems. UGE Tube and Utah Gun Exchange do not see or handle any financial information including credit/debit card numbers that are entered in during the purchase process. Therefore transactional information such as credit/debit card or other such financial data was not part of the data compromised.

Please know that we at Utah Gun Exchange and UGETube have also acted promptly to stop the unauthorized access and provide additional security for the information stored in our systems. As seen from the increased support and outreach we have received from our users, we know that we will continue to succeed in our mission to protect the First and Second Amendments despite the opposition.  

Below is a brief description of what occurred, what action has been taken, and steps you can take to protect your information.

I. What Happened

Recently, Utah Gun Exchange and UGETube discovered that criminals exploited a website vulnerability to gain access to certain data. Upon discovery, we acted immediately to stop the intrusion. We promptly performed a comprehensive review to determine the scope of the intrusion, including the specific data impacted. Based on our investigation, the unauthorized access occurred July 2020.

II. What Information Was Involved

Most of the consumer information accessed is information that is publicly available when an advertisement is posted, including names, email addresses, and phone numbers.  All transaction information is handled directly through PayPal using their secure and internal systems. UGE Tube and Utah Gun Exchange do not see or handle any financial information including credit/debit card numbers that are entered in during the purchase process. Therefore transactional information such as credit/debit card or other such financial data was not part of the data compromised. However, it also appears that our users’ hashed (or encrypted) passwords have also been accessed. Hashing turns your password (or any other piece of data) into a short string of letters and/or numbers using an encryption algorithm. Although the passwords exposed were hashed and did not reveal the plain text value, there are methods that could allow the attacker to identify the real passwords.  Accordingly, we strongly recommend that you change your password and consider changing it on any other site that you may have used the same username/email & password combination.

III. What We Are Doing

Upon learning of this incident, Utah Gun Exchange and UGETube took steps to remove the offending code and have identified the vulnerability. We have hardened the website security and database connections. We continue to identify steps that can be taken to help prevent this type of incident from happening again.

IV. What You Can Do

If you use the same email/username and password combination on any other sites, we urge you to change your passwords as the passwords could be compromised due to this data breach. it is also important to be on the lookout for targeted phishing attacks abusing this data.  Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.  If you receive any communications purporting to be from Utah Gun Exchange but you are uncertain of the true source of the communication, feel free to contact us separately at [email protected] to inquire into the validity of the communication.

We value your participation in our community and appreciate your support as we continue this fight!

Please contact us at [email protected] if you need any assistance.

Steps to reset your password – UtahGunExchange.com

  • Login and click on “My Dashboard” in the top right hand corner.
  • Now click on “Edit Profile” on the right hand side in the Dashboard section.
  • Once your profile is displayed, scroll down until you see “Generate Password”. You can either keep the generated password (Recommended) or you can choose your own by simple typing in the field.
  • Once you’ve decided on your new password, simply click the “UPDATE PROFILE”. The password you select will need to be used for any future logins.

Steps to reset your password – UGETube.com

  • Click on your profile avatar in the top right corner and then click “Edit”
  • Now click on “Password” in the left hand column of options.
  • Finally, enter your current password and select a new password to use going forward, then click “Save”.

From the Blog

  • 2A Sanctuary County ****Volunteer****Get...

    by on March 12, 2020 - Comments Off on 2A Sanctuary County ****Volunteer****Get Involved****

    As the 2020 Utah Legislative season is winding down, we can now focus on the next phase of our plan. We now feel it is appropriate to ask you to turn your attention to helping make every county in Utah a 2A Sanctuary. To all of our volunteers, we greatly appreciate your help in fighting […]

  • UGE People’s Voice Platform

    by on February 21, 2020 - Comments Off on UGE People’s Voice Platform

    Welcome to the UGE People’s Voice Platform Please stay tuned to UtahGunExchange.com for Action Alerts designed to help you take effective action in defending your rights. 2020 Legislative Season bills are being tracked and we will provide you with important alerts here and via e-mail when you join our community.  Please join our Utah Gun Exchange People’s […]

  • MAKE YOUR VOICE BE HEARD at the GUNS SAV...

    by on February 11, 2020 - Comments Off on MAKE YOUR VOICE BE HEARD at the GUNS SAVE LIVES EVENT

       Utah Gun Exchange is proud to sponsor and promote the 1st ever GUNS SAVE LIVES UTAH event. Please read below for more information.   ***Please note that this page will be updated throughout the legislative session. *** HERE IS WHAT YOU CAN DO TO TAKE ACTION: Contact your State Representative and Senator (See Action […]

  • Pro 2A Rally Info

    by on February 1, 2020 - Comments Off on Pro 2A Rally Info

    Utah Gun Exchange Co-Sponsoring Second Amendment Rally at Capitol WHEN:            Saturday, Feb. 8, 2020, 11:00 AM – 2:00 PM WHERE:           Utah State Capitol –  South Steps Utah Gun Exchange, in response to recent proposals from legislators, including red flag laws, universal background checks and the elimination of private transfers, which would substantially infringe upon our […]

  • Gun & Trade Show *** OCTOBER 6****...

    by on September 25, 2018 - Comments Off on Gun & Trade Show *** OCTOBER 6****** 9498 South 670 West, Sandy, Utah 9 AM – 5 PM

    UGE’s next show is just around the corner.  As always, the entry is free and we will have tons of free activities for the kids:  Balloon Artist/Magician, RC Remote Control Track, Face Painting, etc.     Come early for a FREE Breakfast from 9 AM – 11 AM courtesy of Gluten Free Preppers.    The […]