🚨 Urgent - suspicious messages being received by members - do not open them!

Hey Jenny, yes I can confirm that I’ve checked spam/junk and there’s no message in the folder. Thx for your help.

I did not receive the invite and would not know about the issue if I was not on the forum. ALL members should be notified about this. I’m extremely disappointed in how this has been handled.

Got the dodgy Cuenca invite. No official email from THS yet.

Hello everyone!

I want to change my password, but am afraid that the site has been hacked. Do we know the extent of this scam?

Hi @GoZacGo

My update from the team has a bit more information, you can read it here if you didn’t see it when scrolling (there’s a lot of replies to sift through in this discussion!).

The issue has been completely dealt with now and it’s safe to change your password.

If you need any additional reassurance from Trusted Housesitters, please drop them a chat or an email, and I’m sure they’d be happy to talk to you.

Jenny

@Jenny - I have contacted Membership Services as advised as I have still not received an email. I have also checked my spam/junk folder.
I will report back to the Forum if and when I receive a response.

Thank you so much, let me know how you get on.

I’ve had the same fake emails lots people on here have had. I changed my password today. Just now I got an invite, only this one showed up INSIDE the app, unlike the other scam ones. The name on
the listing was different from the name of the person who sent it.

It was a listing for Abergavenny. Should I be worried. Has anyone else has this one?

Hi @dibu

The incident from yesterday has been confirmed as resolved, so no further messages should be received.

I’ve passed your details to the team to investigate, and I’m going to drop you a DM.

Jenny

Just updating the thread to confirm I’ve received and reviewed a screenshot as per my request above, and I don’t think that it’s a repeat of what happened yesterday. I wanted to be transparent just so that nobody feels worried if they happen to see the posts above.

The message looks to me like it could be owners sharing a profile, hence the difference between names, and it sounds like they’ve sent an invitation because they felt like the member might be a good fit.

The red flag with the messages that were sent out yesterday was that they pretended to be a representative of Trusted Housesitters, and included a mention of account closure, along with a link to try and obtain details. Those details aren’t present in the screenshot I looked at.

That being said, it’s best we play it safe, and I’ve asked the team to double check everything, and I’m in touch with Dibu via DM.

Ths are saying that everyone who has been affected have been contacted but I’m sorry to say that is not entirely true . I didn’t receive any email from THS until I contacted them . Even though I had posted on this forum

I have not received an email even though I received the invitation.
This is part of the response I received from Support.

“ While we understand that there is concern for yours and other member’s account information, we have made the decision to message those that were affected by the incident, focusing on the members who either opened the original message and interacted with the link or put in details as a priority. “

Same, received the email and message on my THS inbox but nothing at all from THS on this and I have checked all my spam boxes etc.

My concern is how big is this breach, what data has been accessed, how safe is my information and bank card details. I have changed my password but still feel that everyone should be advised of this data breach.

I would like to know if this breach has been reported to the ICO. Legal requirement is for a report to be made within 72 hours.

I received a scam invite, but I’ve had no communication whatsoever from THS!

This must be the same spammers that infiltrated the HomeExchange website last week as well!!

I’m a member of HomeExchange since recently, and very similar messages were sent ‘on behalf of Home Exchange admin’ (e.g. their actual admin account) to members about accounts being temp suspended etc etc and having to click a link.

I immediately reported it to HE, who blocked the people that were doing it, but it sounds like this is the same crew now doing it on THS as well!

Received multiple of these last week, hopefully it’s being sorted now.

My specific concern is that THS servers have obviously been compromised enough that bad actors have member’s contact details. That unfortunately raises the concern that those bad actors got other details about members that are more sensitive like physical addresses.
It will not benefit THS to not be fully transparent about the extent of the breach and what data was compromised.
Waiting to hear.

Hi, Just happened to look at our profile and found our names had changed, DOB changed around and gender changed around! has anyone else found this?

Has anyone received the e-mail that THS said they had sent to all affected members ?

Hello @Twogreys

Just to let you know that I have passed this information across to our Tech Team and Membership Services. They have advised if there’s a chance that you entered your card details on the phishing page as well, then it’s important that you follow the advice as shown below and report this issue to your bank. I have sent you a DM and I also recommend that you contact Membership Services directly at support@trustedhousesitters.com.

Sam.