User Panel
Quoted:
Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! View Quote View All Quotes View All Quotes Quoted:
Quoted:
There is sporadic information through out this thread. Get a cold drink and set down and go through it. Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! I agree, I am keeping track and will let you guys know if anything happens everybody that this affects should do the same. We can consolidate and keep our information in one spot. |
|
Quoted:
I agree, I am keeping track and will let you guys know if anything happens everybody that this affects should do the same. We can consolidate and keep our information in one spot. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
There is sporadic information through out this thread. Get a cold drink and set down and go through it. Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! I agree, I am keeping track and will let you guys know if anything happens everybody that this affects should do the same. We can consolidate and keep our information in one spot. ATF/FBI? Oh, for fuck's sake!!!!! |
|
Quoted: Quoted: Quoted: Quoted: There is sporadic information through out this thread. Get a cold drink and set down and go through it. Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! I agree, I am keeping track and will let you guys know if anything happens everybody that this affects should do the same. We can consolidate and keep our information in one spot. ATF/FBI? Oh, for fuck's sake!!!!! |
|
Quoted:
I am going to edit what I originally posted and replace it with this. When I uploaded my information I made the assumption that it would be secure due to the nature of what was being uploaded. It was not. In general, to some people what has happened might not be a big deal. You have to put yourself in the other person shoes and look at it from their perspective. Some people might have a valid reason for not wanting their FFL and DL information in the wrong hands. Something to think about! View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
There is sporadic information through out this thread. Get a cold drink and set down and go through it. Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! ATF/FBI? Oh, for fuck's sake!!!!! I am going to edit what I originally posted and replace it with this. When I uploaded my information I made the assumption that it would be secure due to the nature of what was being uploaded. It was not. In general, to some people what has happened might not be a big deal. You have to put yourself in the other person shoes and look at it from their perspective. Some people might have a valid reason for not wanting their FFL and DL information in the wrong hands. Something to think about! |
|
I am curious at this point what would have cost AIM more, defending itself against a bullshit lawsuit because a minor bought some ammo, or the knee jerk reaction of requiring EVERY customer to upload sensitive documents to perform an age vervification check then haphazardly storing those documents for years and now is having to spend copious amounts of money to salvage customer relations?
|
|
Odd, I have bought metric assloads of ammo from them and no letter.
Not that worried about it but odd. |
|
|
Quoted: Are you actually being serious or are you just screwing with me? Try to follow... when someone uploads their drivers license, an AIM employee may then validate said persons account and change it to a "verified" status. After that the copy of the drivers license maybe destroyed. There is NO REASON to repeatedly upload OR maintain a drivers license on file... View Quote View All Quotes View All Quotes Quoted: Quoted: And then everyone flips a tit that they have to upload the SAME information for EVERY order. "Isn't there a way they can just keep it on file?" Are you actually being serious or are you just screwing with me? Try to follow... when someone uploads their drivers license, an AIM employee may then validate said persons account and change it to a "verified" status. After that the copy of the drivers license maybe destroyed. There is NO REASON to repeatedly upload OR maintain a drivers license on file... I understand that for for use in general. However, it seems that for purchases of ammunition and especially C&R items they would want to keep something on file to be sure the person is eligible. And if they just need to check a box to say someone is eligible, what's to stop someone from hacking in and making it look like a buyer is eligible when they are in fact not? |
|
|
Bryan offer up at a discount, the "Collection" to those that got their info taken...
Edit: Nevermind I just bought another supressor |
|
|
Sigh...I received my letter yesterday.
I haven't ordered ammo from Aim for quite some time but I believe I uploaded a copy of my military ID. It was an older one that still had my social on it. I'm pretty sure I photoshopped that out but I can't remember for sure. God I hope I did. |
|
I haven't received a letter but I just realized my shipping address in my Aim account was wrong forever and I couldn't get it to save my correct address...I just entered the correct address with every order. I thought I was clear but I guess I should check with them to make sure.
|
|
|
|
A complimentary case of ammo would be a good start along with details about HOW this was allowed to happen and WHAT they're doing to prevent it from ever happening again. Additionally, somebody better be looking for a new job or nothing will change. Just received the letter, and the credit monitoring offer is a joke. I'm going to freeze my credit ASAP, but potential identity theft isn't the only issue here. Companies that play fast and loose with customer data and don't take infosec seriously deserve to go out of business--and often do after something like this. Good luck to you, AIM. I'm done. |
|
Quoted:
A complimentary case of ammo would be a good start along with details about HOW this was allowed to happen and WHAT they're doing to prevent it from ever happening again. Additionally, somebody better be looking for a new job or nothing will change. Just received the letter, and the credit monitoring offer is a joke. I'm going to freeze my credit ASAP, but potential identity theft isn't the only issue here. Companies that play fast and loose with customer data and don't take infosec seriously deserve to go out of business--and often do after something like this. Good luck to you, AIM. I'm done. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
I'm still waiting on my compensatory free shipping code. Me too! A complimentary case of ammo would be a good start along with details about HOW this was allowed to happen and WHAT they're doing to prevent it from ever happening again. Additionally, somebody better be looking for a new job or nothing will change. Just received the letter, and the credit monitoring offer is a joke. I'm going to freeze my credit ASAP, but potential identity theft isn't the only issue here. Companies that play fast and loose with customer data and don't take infosec seriously deserve to go out of business--and often do after something like this. Good luck to you, AIM. I'm done. Wow. If you only knew how many times your information has been not only compromised, but actually sold, you'd probably jump off a bridge. Happens every day, my friend. And, btw, the ProtectMyId service is actually pretty good. It is by one of the same companies that handle a credit freeze. I am likely to be in better shape now, with the service, than I would be if the AIM breach had not happened. We're certainly better off than if they had done what many businesses do, and simply had not told us. |
|
Quoted:
Wow. If you only knew how many times your information has been not only compromised, but actually sold, you'd probably jump off a bridge. Happens every day, my friend. And, btw, the ProtectMyId service is actually pretty good. It is by one of the same companies that handle a credit freeze. I am likely to be in better shape now, with the service, than I would be if the AIM breach had not happened. We're certainly better off than if they had done what many businesses do, and simply had not told us. View Quote How many times have you had your DL and SS# compromised? That doesn't happen every day. We're not talking about financial info here, this is much more sensitive info. Were talking about info that would allow another to actually assume your identity and do major damage. No one is denying that breaches happen. There's more to this and just because data breaches happen and many companies might not tell you, It doesn't excuse AIM if they weren't doing what they were supposed to be doing. And that's what it looks like. There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. |
|
Quoted:
How many times have you had your DL and SS# compromised? That doesn't happen every day. We're not talking about financial info here, this is much more sensitive info. Were talking about info that would allow another to actually assume your identity and do major damage. No one is denying that breaches happen. There's more to this and just because data breaches happen and many companies might not tell you, It doesn't excuse AIM if they weren't doing what they were supposed to be doing. And that's what it looks like. There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Wow. If you only knew how many times your information has been not only compromised, but actually sold, you'd probably jump off a bridge. Happens every day, my friend. And, btw, the ProtectMyId service is actually pretty good. It is by one of the same companies that handle a credit freeze. I am likely to be in better shape now, with the service, than I would be if the AIM breach had not happened. We're certainly better off than if they had done what many businesses do, and simply had not told us. How many times have you had your DL and SS# compromised? That doesn't happen every day. We're not talking about financial info here, this is much more sensitive info. Were talking about info that would allow another to actually assume your identity and do major damage. No one is denying that breaches happen. There's more to this and just because data breaches happen and many companies might not tell you, It doesn't excuse AIM if they weren't doing what they were supposed to be doing. And that's what it looks like. There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. So maybe I'm jaded after many years of my SSN being tossed around and copies of this or that being shared here and there. Yes, I'm more than pissed off that my DL was sitting on a server on the internet that was hacked. In my experience, 22 day notification is about the fastest I've seen. That includes Quicken, Vanguard, MBNA, Wideners, USAA, and all those other companies that have been hacked that may have told us. How many haven't told the customer that there is an issue? You do realize that as a business, they likely wanted to gather up a responsible and coherent reponse to the issue. This likely took a few days to research, resource, and put together. Would you rather have someone pounding on your door that day yelling, "your shit is hacked yo" without any other information or the optional resource they provided? Were the files encrypted or not? Dude, you're on page 11. Every time you logged into your AIM account, the picture was there. Why even ask this? They were obviously behind a password, but encrypted? lol. This is the firearms industry. A banner on the webpage? I've never seen any company toss a banner up on their webpage saying we suck and don't buy from us. Have you? Where? Instead, what they did was apparently remove the pictures from the accounts and tell people not to upload shit until they have things figured out. So yeah, I'm still pissed off and the order I put in just prior to hearing of the hack may have been my last, but the outraged self absorbed butthurt here is amusing. They fucked up, left the barn door open, the horses in the barn got stolen, they eventually closed the barn door and let folks know the horses got stolen. Shit happens, people/companies often learn from mistakes, and what they do with that new knowledge will be important with maintaining older customers. |
|
Originally Posted By AK_Steve There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. View Quote |
|
Quoted: Yes, the files were encrypted. There was time involved to identify those affected, then time to create/print mailing, and finally time in transit. This only affected a small percentage of our customers, notification letters were sent to those people. View Quote View All Quotes View All Quotes Quoted: Originally Posted By AK_Steve There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? |
|
Quoted:
Yes, the files were encrypted. There was time involved to identify those affected, then time to create/print mailing, and finally time in transit. This only affected a small percentage of our customers, notification letters were sent to those people. View Quote View All Quotes View All Quotes Quoted:
Originally Posted By AK_Steve
There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. Thank you Erik for a reasonable and factual answer. Expect at least 5 more pages of bitching, whining and sandy mangina's. I'll continue to support AIM while others bitch and turns their backs to you. Support goes both ways........ |
|
All three questions are valid, but I am willing to bet that they can not or may not want to answer these questions in a public forum.
Quoted:
Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? View Quote View All Quotes View All Quotes Quoted:
Quoted:
Originally Posted By AK_Steve
There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? |
|
Quoted: All three questions are valid, but I am willing to bet that they can not or may not want to answer these questions in a public forum. View Quote View All Quotes View All Quotes Quoted: All three questions are valid, but I am willing to bet that they can not or may not want to answer these questions in a public forum. Quoted: Quoted: Originally Posted By AK_Steve There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? I'm betting they will; or it may be in their business interest to do so depending on the answer. As it is going now, people here seem to be pissed and could really hurt AIM's business. However, if they tell us that each image file was encrypted with 256 bit AES and the compromise was just those encrypted image files (and not the keys), then we're talking about something else entirely and would change the whole dynamic as it would be VERY unlikely that anyone would even attempt to go through the effort to decrypt those and 99.999% chance your image files would remain un-seen. |
|
|
Quoted:
Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? View Quote View All Quotes View All Quotes Quoted:
Quoted:
Originally Posted By AK_Steve
There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. Wait... the files that were compromised were encrypted? That changes things, then, depending upon the answers to these: What level/type of encryption? Was each image file individually encrypted? Was that encryption compromised when then files were taken, or do they just have a bunch of [presumably] still encrypted image files? I would think a lot of people would either drop their pitchforks or saddle up depending on the answers to these questions. |
|
Quoted:
I would say that anyone that just had their credentials stolen have a valid gripe. Don't you? Support should go both ways, yes. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I'll continue to support AIM while others bitch and turns their backs to you. Support goes both ways........ I would say that anyone that just had their credentials stolen have a valid gripe. Don't you? Support should go both ways, yes. This is about the 5th time my info "might" have been compromised. OPM, Target, Blue Cross and Chase are the others Guess what, shit happens!! Fix it and move on. AIM explained what happened and what they did to remediate it. There's no proof AIM was any less a victim of a cyber attack that those whining. and there's no evidence AIM was complacent in their data storage. And unlike the Widener's breach, there's no evidence the data, if actually acquired, has been used. |
|
Oh my gosh, so much for being able to voice your opinions here.....
|
|
Quoted:
This is about the 5th time my info "might" have been compromised. OPM, Target, Blue Cross and Chase are the others Guess what, shit happens!! Fix it and move on. AIM explained what happened and what they did to remediate it. There's no proof AIM was any less a victim of a cyber attack that those whining. and there's no evidence AIM was complacent in their data storage. And unlike the Widener's breach, there's no evidence the data, if actually acquired, has been used. View Quote Last time I checked, AIM doesn't offer health insurance, financial services, or Federal level job opportunities... so you really can only compare them to Target (retail business). Listen, if my credit card info was compromised from 2+ years ago (when I bought an Aimpoint from them; would have been more, but they don't ship stripped AR lowers to NJ FFLs), and considering I've had most card numbers reassigned since then, I could care less about the breach. I would say "shit happens," then. I'd actually be a lot happier about that, as it is easy to call up my credit card companies, say my cards possibly were compromised, and get all new cards. But that isn't what occurred. AIM isn't anything more than a retail store... and I mean that with no disrespect. Target sells home goods, AIM sells guns/ammo/accessories. My D/L being on AIM's server for over 3 years is not something that needed to occur. I've bought more ammo from Cablea's and MidwayUSA... and the only thing I've ever had to provide was my NJ FID to MidwayUSA for handgun ammo purchases. If that, in itself, was compromised, I would be upset... but not as much as my D/L (I'd call that a "shit happens" situation). As mentioned throughout the thread, the D/L system was done to protect AIM from lawsuits. All well and good, but now it is at the cost of how many people's D/Ls (and I feel even worse for those that had a D/L with their SSN on it)? I'm glad that AIM did step up and sent out letters. I understand that it might not be that smart to answer every question in a public thread regarding this crime (as I'm sure people that committed it could be reading into it), but when you get down to it, a year subscription to credit monitoring isn't remediating it. Plus, downplaying it really does insult our intelligences (AIM required ID for ammo purchases, so you are saying that only a small amount of customers were affected... come on Erik). |
|
got my letter from my old address. Looks like I have 12 pages of reading to do
|
|
I got the letter too. I can tell you one thing, I will never again buy from a site that require my DL again. Not all do. I have ordered plenty of ammo without having to submit a copy of my DL from other places. These files should have been deleted once the order was complete. There is really no excuse for keeping these images on file, security breach or not. I am not saying I won't order anything from AIM, but I sure as heck won't be sending them a picture of my ID anymore. |
|
Signed up for the free credit monitoring.
Probably wont be ordering anything anytime soon due to getting my shit together before 41p unless you drop some old steel or wood I NEED to add to my protective metal box. When you do feel free to offer it to those that received our letters first please. |
|
Quoted:
Yes, the files were encrypted. There was time involved to identify those affected, then time to create/print mailing, and finally time in transit. This only affected a small percentage of our customers, notification letters were sent to those people. View Quote View All Quotes View All Quotes Quoted:
Originally Posted By AK_Steve
There's many problems I see here with the way AIM is handling this. Were these files encrypted or not? They haven't said anything about that yet so it looks like the answer may be no. That alone would be very bad. Yes they informed us, 22 days later. They were informed of the breach on 4/4 and they drafted the letter on 4/26. I'd like to know why it took so long. Notice, there is no banner on their homepage informing visitors of the breach. FYI, I emailed around May 1st asking if I would be receiving a letter and was told I was not affected. I have ordered ammo from AIM, although it's been a while- since 7n6 was banned at least. |
|
Haven't received any kind of letter yet.
I'd also like to point out that while I did in fact upload an image of my DL quite a few years ago, an actual JPEG imagine of my ID never appeared on the site, just my ID# Were people actually seeing a JPEG image of their ID's under the Customer Profile? |
|
|
|
I did not receive a letter but called in to confirm just to make sure. I was fortunate that I was not one of the unlucky victims. I never uploaded my DL to the website, I emailed it in for this very reason. I did not want the image saved on their website. Just so everyone knows, you can black out everything on your ID other than your name and DOB and send that to them. I verified all this before I emailed a copy of my DL.
|
|
Quoted:
I did not receive a letter but called in to confirm just to make sure. I was fortunate that I was not one of the unlucky victims. I never uploaded my DL to the website, I emailed it in for this very reason. I did not want the image saved on their website. Just so everyone knows, you can black out everything on your ID other than your name and DOB and send that to them. I verified all this before I emailed a copy of my DL. View Quote I emailed a copy of mine as well and have not yet received a letter. |
|
I haven't been keeping up with it... Does Arfcom still hate AIM, or what?
|
|
Signed up for the credit monitoring, then ordered a couple of BCG from the site. I really don't see a lot that can be done with a soon to expire DL and a C&R (Colorado does not use SSN for the DL number). In the future I will heavily redact any proof of age I upload to any site and call this a lesson learned. I got the OPM letter as well last year. Sign of the times....
|
|
Quoted:
I haven't been keeping up with it... Does Arfcom still hate AIM, or what? View Quote Not as bad as Troy, but a lot of people are still angry and confused. I used my church's debit card to buy a rubber stamp online the other day so I could stamp "For Deposit Only" and the account number on the collection plate checks when depositing them so I wouldn't have to write it a dozen times each week, and someone stole the debit card info. The rubber stamp company sent me a letter. It happens, you know? You get a new card, monitor your statements, and move on. If your stolen driver's license had your SSN or something on it... uh, why? Do they require that, or were you just too happy with it to change? GA changed mine without my asking when I renewed about 12 years ago and cited security/identity theft concerns. They gave me some random number that means nothing. If my state was that far behind on security matters, I think I'd move or at least write my state reps an angry letter. |
|
Quoted: Not as bad as Troy, but a lot of people are still angry and confused. I used my church's debit card to buy a rubber stamp online the other day so I could stamp "For Deposit Only" and the account number on the collection plate checks when depositing them so I wouldn't have to write it a dozen times each week, and someone stole the debit card info. The rubber stamp company sent me a letter. It happens, you know? You get a new card, monitor your statements, and move on. If your stolen driver's license had your SSN or something on it... uh, why? Do they require that, or were you just too happy with it to change? GA changed mine without my asking when I renewed about 12 years ago and cited security/identity theft concerns. They gave me some random number that means nothing. If my state was that far behind on security matters, I think I'd move or at least write my state reps an angry letter. View Quote View All Quotes View All Quotes Quoted: Quoted: I haven't been keeping up with it... Does Arfcom still hate AIM, or what? Not as bad as Troy, but a lot of people are still angry and confused. I used my church's debit card to buy a rubber stamp online the other day so I could stamp "For Deposit Only" and the account number on the collection plate checks when depositing them so I wouldn't have to write it a dozen times each week, and someone stole the debit card info. The rubber stamp company sent me a letter. It happens, you know? You get a new card, monitor your statements, and move on. If your stolen driver's license had your SSN or something on it... uh, why? Do they require that, or were you just too happy with it to change? GA changed mine without my asking when I renewed about 12 years ago and cited security/identity theft concerns. They gave me some random number that means nothing. If my state was that far behind on security matters, I think I'd move or at least write my state reps an angry letter. My info has been breached so many times at other places, I wouldn't have really given it much thought. I didn't get a letter from AIM so I'm guessing mine wasn't included this time. I sent a copy of my DL several years ago. |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.