Ever have a credit card number stolen???

Brewer's Friend 728
Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum

Help Support Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
Status
Not open for further replies.
cook1969 said:
So, My sister went into AHS and bought me a giftcard for Christmas. I used it on AHS website to make an online purchase, but they still wanted my CC info as some sorta backup. I still got hit even though my purchase was paid for with the giftcard.
Click to expand...

That makes absolutely no sense.

My co-worker had his CC get hit after ordering from AHS.
 
I fall into the timeline of AHS orders and credit card issues.

IMO, I do appreciate the investigation, and the e-mail from AHS telling me what's going on. I was lucky, as my bank noticed and called, reversed the charges, etc. Same pattern of a small $3 charge and then big $ charges following.

My wife and I have had issues like this a couple of time in the last 5 years, and whether it is AHS's card processors or not, I will order from them again.

Keep us posted Forrest.
 
DaBiggin said:
Forrest,

Would you please answer in detail how charges were/are processed by your business? Are they manually typed into a point-of-sale device? If so, then by whom? What physical security measures did/do you use to protect financial account numbers? Did/does every user have his or her own user I'd and password for accessing account number information? Were/are there audit logs tracking users accessing account numbers? All these sorts of questions.
Click to expand...

It's obviously up to AHS if they choose to answer your question, but frankly I'm not sure any of us has the right to probe that deeply into how a man runs his business. It's just that: his business.
 
rawlus said:
have you gotten the sense that they are taking it lightly or lax in their investigation into the matter?

i am sort of getting the sense that they may not be able to say anything that will satisfy some of you. think objectively here, do you put every merchant who you deal with through the same credentials check?

one would sort of think that a principle in the company taking time out to indicate they are investigating thoroughly, that they are working with a 3rd party independent forensics team, etc and so on would be indicator enough that they are taking it seriously.

if one doesnt believe any of that, then i dont see how revealing the inner workings of their practices and procedures is any more believable.

i think hiring a 3rd party forensics team to investigate is indication enough they are looking internally at their security measures.

just sayin.
Click to expand...

If that's enough for you, congratulations. All I recall Forrest commenting on was how he and others were looking externally. Others keep bringing up convoluted scenarios and ignore the simple methods. Most likely it was an unscrupulous employee with access to the account numbers.

"Just sayin"
 
borrachio said:
It's obviously up to AHS if they choose to answer your question, but frankly I'm not sure any of us has the right to probe that deeply into how a man runs his business. It's just that: his business.
Click to expand...

True enough. And customers can vote with their feet. I hope they find the problem and resolve it. Until then, I will order elsewhere. And it is my business how a vendor handles my financial account information. To think otherwise is ignorant.
 
I have 3 fraudulent charges from some flower store in canada as well as an email from AHB. I'm pissed but this is why I love Chase Bank. They are going to reverse the charges!!!

Good Luck with y'alls
 
Oh so this is my I had bad charges. I had 2 of them right after my purchase from ahs. My bank called me and reversed it.
 
DaBiggin said:
If that's enough for you, congratulations. All I recall Forrest commenting on was how he and others were looking externally. Others keep bringing up convoluted scenarios and ignore the simple methods. Most likely it was an unscrupulous employee with access to the account numbers.

"Just sayin"
Click to expand...

arm-chair QB speculation isn't helping anything.

Just sayin'
 
I placed my first ever order with AHS last week. My card was processed on 2/9 (which falls outside the dates given by Forrest). I stumbled upon this thread the next day, became very paranoid, and decided to carefully watch my account.

Absolutely nothing has been out of the ordinary.

I received the order today. Everything was perfectly packaged, the prices definitely beat-out a lot of others, and the grains look to have a great milling (the reason I'm trying a new vendor is that I'd been having problems with efficiency which I was thinking was due to how the grains were milled. Seeing AHS's milling, I feel confident that I will have better efficiency).

Anyway, I just wanted to a) confirm that a transaction after the given date was NOT compromised, which would corroborate Forrest's assertion that the issue was related to the C.C. processing, and b) give them a shout-out for being a good vendor.

Regardless of how much finger pointing people may want to do because, let's be honest, the situation really sucks; I don't think anyone can claim that AHS isn't good at doing what their business is: namely, selling brewing supplies. Maybe it's the fact that I'm an uber-geek and recognize my own kind, or maybe it's that I'm too trusting of a person, but something tells me that someone who opens a Homebrew Supply Store (that has been open for a damn long time), wouldn't be the type to be in cahoots with an international online identity theft and money laundering ring. If info was compromised, I refuse to believe it was intentional, negligent, or with malice. And since he took pro-active action to change his C.C. processing agent, and it seems to have fixed the problem, isn't that the action we should be looking at rather than "damn, he hasn't posted updates on some internet web-forum." Something tells me he has better things to do with his time (like helping law enforcement track down who is ACTUALLY responsible for all of this).

Anyway, thanks for the order, Forrest; I'll definitely shop with you guys again.
 
:ban:
AZ_IPA said:
arm-chair QB speculation isn't helping anything.

Just sayin'
Click to expand...

It would help the merchant to secure such data. Who do you think eats the costs and all associated fees associated with credit card fraud? And what value are you bring to the discussion?

Just sayin'
 
I was keeping up with the posts and maybe this came up. Not sure.

Anyone remember this:
http://abcnews.go.com/Business/PersonalFinance/story?id=6695611&page=1
also
http://www.pcmag.com/article2/0,2817,2339242,00.asp

The events happened sometime in 2008 and then came to light in 2009. Were retailers at fault...

Anyway, blame AHS, refuse to shop there. Support AHS and continue to buy from them. It is our right and discretion to do so. Not forcing you to continue your business with AHS nor will I be swayed by anyone to discontinue my business there. I called in with my card number during the suspected time frame and no issues anywhere. Would it be different if I was hit with fraud charges. Nope. I would do a better job of forcing myself to use the virtual account numbers (one time use number) that my credit card company offers me. It wouldn't be my first rodeo where my identity or credit card numbers were stolen.

Don't like credit or worries of someone stealing your debit/credit card numbers? Pay with cash.

I thought this thread was a great notice for persons to keep an eye on their accounts, which I have, and I'm sure others have to. Not sure what this thread is evolving into...
 
DaBiggin said:
:ban:

It would help the merchant to secure such data. Who do you think eats the costs and all associated fees associated with credit card fraud? And what value are you bring to the discussion?

Just sayin'
Click to expand...

*bringing

I bring grammar correction to the discussion, I guess.... :D
 
I just received the e-mail from Forrest today, but it was too late, they already got me for just shy of $700, all of it international. Most of the charges were for Travelodge. Wells Fargo already deactivated my card, issued a temporary one and ordered a new one. Unfortunately, they told me it will be around a week to get my money back. I've already e-mailed Forrest to tell him and to let him know that if they catch the person I am willing to press charges against them. I'd be happy to tell Forrest what all of the charges are for if it helps in the investigation.
 
little info. I mad mention of my account being compromised at work by that RED-Repair.com site she said has friends that too have those bogus charges and those DO NOT shop at AHS. so I am betting this problem is not with AHS but the credit card processor they used.

-=Jason=-
 
I agree with you dcott. I like AHS. Until this I had nothing but great service, except for a delay on my last order which I was told was due to a large increase in business. I congratulated AHS on their success via email. What I do not appreciate is what appears to me to be obfuscation by AHS and members here who try to defend the indefensible and also belittle others for taking this fraud seriously.
 
I also had my debit card info taken on the 7th, but I got lucky because I checked my balance the very same day that the fraudulent charges were made.
 
My wife's card was hit for just over $100 dollars. The credit card company tried calling, but somehow had the wrong phone number. All charges were refunded.

Now she's giving me lots of crap because she was buying me a couple of perlicks to add to the keezer as a birthday present. She says thats the last time I get beer stuff for a present ;)
 
Until I'm '100% sure' that the danger has passed, anything I order from AHS will be done in such a way that there is a 'protection buffer' between them and I....

But if they continue to offer great deals, I will continue to bite....

I'm not finger pointing, just acknowledging that for now prudence says "be careful".. That's just the reality of the situation...

I love the perlicks, and I appreciate it when companies are thoughtful enough to include little freebies that make life better.. Like the brew day note pad they stuck in my shipment... They didn't have to do that.. The deal they gave me on the order was enough in itself.. The useful gift was icing on the cake...
 
I received this email from Austin Homebrew today...

"Austin Homebrew Supply has received communication from a very limited number of customers that they recently have had fraudulent charges on their credit or debit card. We are conducting a thorough 3rd party forensic investigation and to date have not uncovered a breach on our end, or identified any network infrastructure or website vulnerabilities. We have changed our merchant service credit card processor because we suspect the source of the problem lies in that direction.

If you placed an order with Austin Homebrew Supply from January 7th through February 6th, please check your credit card or bank statements for any charges that you do not recognize. Call your bank to reverse these charges. As an added precaution, we recommend that you have your bank or credit card company issue you a new card.

Sorry for the inconvenience this may have caused you. We really appreciate your business and support.

Forrest Rogness President Austin Homebrew Supply, LLC"

I did in fact make a purchase from them online with Visa on Jan 9, 2011, and had fraudulent charges on my card on Feb 7-8, 2011.
 
Hello all-

Despite the condescending tone of our moderator, the response from forrest that sounded like it was written by a PR firm, and all of you that love to bash those of us that want real, actual answers, I am here to post one more time some facts that have STILL not been addressed.

-The fact that well before the "3rd party forensic team" has been able to complete it's work (or was even hired), AHS had already place the blame and changed providers. How did they know to do this if the "3rd party forensic team" was still hard at work?

-The fact that the easiest access point into any system would be a personal computer used to store CC#'s....it has been asked directly several times if they store our CC#'s and we have been told "no" or the question has been danced around. The following is a quote that I took out of an email from AHS...it was received Friday 2/11/11.

"Our computers used to only store credit card information for 1-1.5 weeks after an order was place but we are now deleting this information as soon as we ring up an order. By next Wednesday we will have switched to our new system and will no longer have access to any of our customers credit card information."

Why can't we get a straight answer from the management team? Very telling.

If you all want to bash and flame, bring it on, I don't care at this point. All I really wanted from the beginning was some honest answers. It's a bad situation for all involved, but I believe made worse, by the CYA mentality of management. This was my first and last order from AHS, but I am sure that in a few weeks those of you that want to will just forget this little incident and move on. And those of us that like to deal with people with integrity, will do the same.

Respectfully, riverfrontbrewer
 
I'm not bashing and flaming.... Nor should I be.. This is a highly personal decision for each person on how they want to react to all of this... There is no 'wrong response' (short of intentionally malicious lies and/or violence)... After all, we're talking 'money' here... It don't get more personal than that...
 
olllllo said:
29% of all credit card holders have been a victim of credit card fraud in the last 5 years.

Perhaps 0.1% have had the opportunity to get information about it in a forum with a vendor and other affected individuals in near realtime.

I am a mod here, but I have no financial stake in this site. I've gotten no instruction from anyone as to how to respond. Not from the admin. Not from ahs. (Never do. Never was.) You can count my ahs orders on one hand. People with torches will believe what they want though.

I just can't believe that any of you think that Forrest is manipulating the info here. There are at least 100 people here picking apart every word in this thread.

I happen to think he shares too much with you all. Just about every thread I see where he is being earnest and forthright, 3 people chime on with their free business advice.

Go ahead and tell me about some other vendor that puts up with this **** in a more graceful and open way....

On a final note. If this hobby puts you at any risk in any part of your life, it might be time to recalibrate your priorities.
Click to expand...


I would sure like to now where you get your "facts" from 29% and .1%? Seems like a lot of speculation. I highly doubt that. As far as Forest, he sure waited a LONG time before sending any emails out. This was handled in an extremely unprofessional matter. The simple fact is that his company was compromised. Period. I am a Network Engineer. Many of customers would be out of business if they were compromised. Take a look aroud. There ARE a hundred people picking him apart, with good reason.
 
DaBiggin said:
If that's enough for you, congratulations. All I recall Forrest commenting on was how he and others were looking externally. Others keep bringing up convoluted scenarios and ignore the simple methods. Most likely it was an unscrupulous employee with access to the account numbers.

"Just sayin"
Click to expand...

It was not an inside job by an employee. We know that much. We are trying to find the root source which came from outside Austin Homebrew Supply.

Forrest
 
riverfrontbrewer said:
-The fact that the easiest access point into any system would be a personal computer used to store CC#'s....it has been asked directly several times if they store our CC#'s and we have been told "no" or the question has been danced around. The following is a quote that I took out of an email from AHS...it was received Friday 2/11/11.

"Our computers used to only store credit card information for 1-1.5 weeks after an order was place but we are now deleting this information as soon as we ring up an order. By next Wednesday we will have switched to our new system and will no longer have access to any of our customers credit card information."

Why can't we get a straight answer from the management team? Very telling.
Click to expand...

This sounds like the most detailed answer we've seen so far.

this does not imply an inside job, outside hands can reach inside.
 
DaBiggin, I was not trying to be smart, I was just trying to point out the information you were asking for is what I would consider some pretty serious information that could be used against a business. I ordered on 2-9-11 and my charge went through on 2-11-11, it was manual entry per the slip that came with my perlicks and shanks (so that answers that inquiry you had). I have an interest in this too, I was not saying that just to be an ass, I just wanted to point out the information you want may be what is considered sensitive.
 
Sacdan said:
There ARE a hundred people picking him apart, with good reason.
Click to expand...

Are the "hundred" people ready to apologize if it turns out AHS is not at fault and it was a 3rd party breech?

I know I'm ready to apologize if it turns out AHS is at fault; but again, arm-chair QB speculation isn't helping anything....
 
AZ_IPA said:
Are the "hundred" people ready to apologize if it turns out AHS is not at fault and it was a 3rd party breech?

I know I'm ready to apologize if it turns out AHS is at fault; but again, arm-chair QB speculation isn't helping anything....
Click to expand...

First, I never said that AHS was at fault, so no, I will not apologize either way...as a customer, I just want to be treated with respect and valued as a customer. That ship has already sailed.
 
riverfrontbrewer said:
First, I never said that AHS was at fault, so no, I will not apologize either way...as a customer, I just want to be treated with respect and valued as a customer. That ship has already sailed.
Click to expand...

I wasn't referring to you river....

You have aired legitimate grievances that have not been answered. So, I agree with you on that...

My point is that the speculation going on is not helping anything.

:mug:
 
Austinhomebrew said:
It was not an inside job by an employee. We know that much. We are trying to find the root source which came from outside Austin Homebrew Supply.

Forrest
Click to expand...

Forrest, thank you for your response. Can you tell us how you know with certainty that it was not an employee? I have an email from AHS, I don't know if it was you, saying that you were hiring new employees during the same timeframe. To me it seems the most likely weak link in the chain.
 
AZ_IPA said:
I wasn't referring to you river....

You have aired legitimate grievances that have not been answered. So, I agree with you on that...

My point is that the speculation going on is not helping anything.

:mug:
Click to expand...

Look. I've been following this thread since I was first told about it last week and found my account had been compromised. If there is any speculation it occurs on both sides. My opinion is that those in the same camp as me, are only asking for answers from AHS and assurances that our account numbers are being handled with all due care.
 
DaBiggin said:
Look. I've been following this thread since I was first told about it last week and found my account had been compromised. If there is any speculation it occurs on both sides. My opinion is that those in the same camp as me, are only asking for answers from AHS and assurances that our account numbers are being handled with all due care.
Click to expand...

I agree and for the record, I e-mailed AHS on 2/7 at 8:23pm to give them a heads up that there was a likely "hack" somewhere in this system...

I think we all have the same bottom line - AHS' on-line ordering system was somehow comprimised in January, and we want it addressed and fixed in a manner that we trust to believe the situation has been taken care of. Right?
 
AZ_IPA said:
Are the "hundred" people ready to apologize if it turns out AHS is not at fault and it was a 3rd party breech?

I know I'm ready to apologize if it turns out AHS is at fault; but again, arm-chair QB speculation isn't helping anything....
Click to expand...

Hell no! It IS his fault whether it was an employee or his "3rd party" processor. He is still culpable. There is NO speculation. His company IS at fault for the credit card fraud. He didn't address this fast enough and is too quick to push off blame. I am assuming that you didn't get compromised. Perhaps if you did, you would be singing a differnt song! Once agian there are too many people who want to defend him. Enjoy the Lovefest. I don't care how long he has been a vendor. Until he gets his act together I think no one should do business with him.
 
AZ_IPA said:
I agree and for the record, I e-mailed AHS on 2/7 at 8:23pm to give them a heads up that there was a likely "hack" somewhere in this system...

I think we all have the same bottom line - AHS' on-line ordering system was somehow comprimised in January, and we want it addressed and fixed in a manner that we trust to believe the situation has been taken care of. Right?
Click to expand...

I mean this with respect. Amen brother.
 
DaBiggin said:
Forrest, thank you for your response. Can you tell us how you know with certainty that it was not an employee? I have an email from AHS, I don't know if it was you, saying that you were hiring new employees during the same timeframe. To me it seems the most likely weak link in the chain.
Click to expand...

I will post more info as I get it. So far, we know this was an outside job so, I am treating it as such. I have changed credit card processors. I have increased our verisign ecryption to the same type of security Amazon and Paypal have. When you check out the url bar turns green = Extended Validation SSL Certificate. I don't know of another homebrew store that has this.

I am doing everything I can to make everything more secure.

Forrest
 
My account has been closed and I am out no $. However; the same cannot be said for any merchant that has had one of these purloined accounts used to purchase goods or services and are now forced to pay chargebacks, associated fees, and in addition incurred lost products.
 
Status
Not open for further replies.

Similar threads

Steveruch
REALLY disappointed with morebeer
Replies
8
Views
2K
Kickass
K
D
not really new but I sort of am
Replies
2
Views
475
RM-MN
R
F
Northern Brewer Shipping Delay
Replies
18
Views
3K
Skeeter686
S
H
Houston CO2
Replies
4
Views
231
Houston_CO2
H
Cogswell
Anyone Familiar with Long Island Homebrew?
Replies
10
Views
3K
AlexKay
A
Brewer's Friend 300

Latest posts

Back
Top