Ever have a credit card number stolen???

[ThePipemaker]

My card number was stolen too. I placed an order with Austin Homebrew last week. Someone bought a plane ticket in Thailand with my card # this morning.

 

[Walker]

Does anyone here really think there's any kind of mal-intent involved from Forest. Give me a break. Witchhunt somewhere else.

Nobody has suggested any mal-intent from Forrest at all.

 

[Flomaster]

Crash, there are now three threads on here talking about fraud happening this month. Over 20 people who have been hacked have all purchased from AHS. there are a couple who have been hacked and haven't shopped at AHS, but when you have 20 plus people all getting violated and all shopped at a certain store is it just a fluke coincidence?

-=jason=-

 

[rustbucket]

i would not blame AHS right away, altho i have come to the same conclusion right off the bat, but i really think there is something bigger happening here than what we realize. This is to much of a coincidence for all the people on here having there cards stolen. when i looked at my credit card statement today i saw the two fraudulent charges, then looked when i ordered form AHS, and it was 1-10-2011.. just about one month difference

im just hoping i can get my money back due to it was a debit card that was charged and there is a sum of just under 500.00 taken out of my account (which im still overly mad, and my bank is dumb and wont allow me to talk to a representative until they open at 8am.) Note this, all i know is that im changing banks.

 

[Walker]

Another question to me would be did someone/thing take the credit card information a while back and not bring it out till now? For example, I've read many people's credit cards and cvc numbers a few years back due to working retail, and if I were unscrupulous enough to write them down, I could certainly have waited to try using it. Was there an old database compromise where the numbers have been floating out there, waiting for this batch to be used? Or is it something that happened recently

For me, it can't have been that long ago. My credit card had expired in Jan and I received a new one around the 15th. That's the one that got stolen. So, that card and number were only about 3 weeks old when the charges happened.

 

[ChshreCat]

Nobody has suggested any mal-intent from Forrest at all.

+1 Forrest and AHS are as much victims as the folks getting their CC #'s stolen are, assuming this is somehow related to AHS as it appears to be from the outside. I have a feeling that once this gets figured out, there'll be a big rush of orders at AHS as people buy stuff they might have held off on.

 

[Crash1040]

I was just making a point in defense of AHS that must not have come accross as intended in writing. And even without the direct accusations not addressing the few inappropriate under tones just didn't seem right. So i said what I said.

Now back to the shadows.

 

[JonW]

Does anyone here really think there's any kind of mal-intent involved from Forest. Give me a break. Witchhunt somewhere else.

I've not seen any posts to suggest that. Is AHS tryin to rip people off - ABSOLUTELY NOT! Does AHS have a problem somewhere in their system or staff - (in my opinion) ABSOLUTELY ! The number of posts indicating fraud in a short period after purchasing from AHS are just too overwhelming to ignore.

I posted up information today regarding this and it was promptly deleted by the admins (and replaced with their own post asking to keep this OT (on topic)). That was after an AHS staff person asked me to change my post so I didn't make him look like a moron (his words, not mine).

Here's a portion of a PM I sent to them today:

I think you guys should try communicating a little more with the people in the threads as to what you're doing to research the problem. Are you using outside forensics to research this or is it just in-house people trying to figure it out? Showing that you have 3rd parties researching this would go a long way to show that you (AHS) takes this potential breach seriously and are doing everything you can to make sure it is being handled. On the other hand, if there are just internal people at AHS running virus/malware scanners and doing simple log checking on the server, then you're not approaching this the right way.

Now, the only reason I post this up here is because AHS is failing on one important thing - They are not communicating with the people affected here!

 

[Flomaster]

well I've said it again and I'll say it again I bought from AHS Jan 20th. I paid with a debit card and I have not been compromised, but the other 20 plus people on here HBT have been. so what gives. one guy hadn't used his card since August of 2010 and the only time he used it was last week at AHS.


-=jason=-

 

[Crash1040]

It's obviously not a conincidence. But.....

It could have happened to anyone online and any online retailer.

 

[Fat_Bastard]

well add me to the list! got tapped for over 500 dollars on my account and YES I did recently order from AHS.thank god I saw this thread wouldn't have known to check.

 

[DankTheTank]

Hey all, first post. I had been putting off making an account but I guess this is as good a reason as any, right?

My most recent purchase from AHS was on 1/13, and on 2/8 I had a fraudulent charge of $186 show up. Spoke to my bank as well as paypal (the charge shows it goes through them), and they have said it is for baby equipment in Poland? I can't say this happened because of AHS because I use this card for the majority of my purchases, but just wanted to add myself as a data point.

 

[Fat_Bastard]

I got hit for over 600 dollars in 6 transactions on 2-7.YES I did recently order from austin home brew supply.

 

[r8rphan]

Just to add a little fuel to the fire, I stopped by may bank today on the way home from work... I asked the branch manager if there had been any news on my case.. So she made a call to someone (the guy investigating it), and then she was looking over my transaction history on the computer.. While she was still on the phone with the guy, she turned to me and asked me if "this purchase to Austin Home Brewing Supply is legit".. I said yes, and she told the guy on the phone yes, and then she turned to me and asked me to look at it on her computer and again asked me if it was an order I placed.. I said yes..

I asked her 'why?'.. She said, "Just making sure" I thought that exchange was 'interesting'... It doesn't mean 'anything'.. but is still 'interesting' in light of these threads...

It was the last time I had used the card before the day the fraudulent charges showed up... I made two other purchases that evening (on the 7th, the day of the fraud) to rockler.com and to B3.. The next afternoon is when I found out about the fraud.. My rockler order didn't get processed though.. because when they processed the order on monday, the card was declined.. due to the $400 worth of airline tix that had been bought on it...

I plan to continue buying from AHS.. Their prices and service are good.. I have no reason to believe that they acted in any way to purposely harm me... If they are the problem, it is becasue they have been victimized as well...

That being said, I'm not sure I will be using a CC to make the purchases.. possibly money orders (expensive way to go though) or if I do, I may set up a checking acct at another bank with no authorization to be overdrawn at any time.. and then put just enough money to cover in the account a few hours before I need to make an internet purchase... At all other times maybe have $10-20 in it.. might be worth the $7-10 a month for the peace of mind...

 

[pd230soi]

my just got hit for 414.94 at the The Golf Warehouse.

I use my card a bit - multiple charges this month.

Purchased from AHS on 1/28/2011, charges at The Golf Warehouse on 2/9/2011.

BTW thanks for raising this issue here on this forum. I saw this post, checked my account on line, found the fraud, got the charges pulled off and a new account is being set up now.

 

[MeatyPortion]

This just goes to show how much chaos can be generated by instances of identity theft. Let's assume that AHS had no part in this and the timing of purchases through them was coincidental but AHS would still be feeling loss of revenue or experiencing bad word of mouth. I'm sure this sort of collateral damage happens a lot regarding this sort of theft. So we have the customer defrauded, credit card company or bank spending money fighting the fraud and possibly pursuing charges, business servers compromised, companies involved directly, and finally companies not actually involved aside from guilt by association. Quite the **** sandwich, and all this equals higher interest rates and charges put out by banks and cc companies, not to mention the potential losses to other businesses involved.

Bear in mind, I'm not trying to accuse anyone of anything here, I'm just illustrating a point. I hope this gets wrapped up soon and everything goes back to semi-normal.

 

[jmendez29]

No. I was literally just the small amount that triggered it.

Not necessarily. I travel to Wisconsin several times a year to visit my family and to bring my kids to visit their mother's family. On one particular trip, I went to do some shopping at a mall. I used a credit card that had been paid off for a couple of months, and before I even left the store, my cell phone was ringing. The CC issuer was calling me to confirm that I had just made a purchase with that credit card. After talking to the representative, I was informed that my purchase history had indicated to them that I made the majority of my purchases on my computer (complete with IP address) or within a certain radius of my home. To see this purchase that was far removed from that radius was unusual and it got flagged.

Not to say that a small purchase wouldn't flag it, but I had once read an article about how some people were raking in millions from CCs, but only a dollar or two at a time. They would get a list of several thousand CC numbers and charge each of them just a couple bucks, maybe a few times a month. Even if only 25% of them went through, they make a bunch of money and if nobody notices, then they just keep doing it. After reading that, I checked my CC and sure enough, there it was. I called the number on the statement for the charge, and got no answer. After researching it online, I realized it was exactly what the article was talking about and when I contacted the CC issuer, they couldn't believe that their system didn't catch it.

 

[462studio]

Add me to the list of people who shopped at AHS and recently had their card compromised.

Not pointing fingers. Just saying.

 

[sudsmcgee]

It's not HBT in my case. I've only used PayPal for my HBT membership - they've never seen my card #.

I think the idea is that you USE HBT, not that you gave money directly to it. If HBT is somehow allowing malware to be installed on peoples computers, it wouldn't matter if you paid paypal directly.

Regardless, it still seems AHS is the more likely culprit.

 

[bp262]

As another data point, I placed an order through AHS on 1/15 and have had no fraudulent activity. That being said I'll be contacting Amex today and asking that they issue a new number.

rustbucket, Most Debit transactions are under the SAME protection as a regular Credit Card (Visa, Master Card, etc). However you will be out that money until the fraud case is ruled on internally or your bank sends you interim cash. I had my wallet stolen about 6 months ago, $900 charged in one evening. It took my bank about 2 weeks to issue me a check and then 3 months before the fraud was found to be actual fraud (dude is in jail now, police recognized his mug from surveillance footage).

Blake

 

[pvtschultz]

I'm going to sound a bit harsh, but you people that refuse to open a credit card are idiots. I understand that it is a generational thing and "borrowing" money for unsecured debt is a pretty new thing, but simply refusing to open a credit card account just because is foolish.

There's one gentleman in this thread that is out over $500 right now and is on the verge of "being broke" all because someone got his debit card numbers and drained his BANK account. Now he has to wait for the bank to open, go there to fill out the forms to dispute a charge (time lost), wait for the bank to issue a temporary credit on his account, and then hope that they don't come up with a reason deny the refund request. Had he used a credit card, his bank account would still have the $500, the issuing bank would be out $500, and he'd be getting a new card in the mail. All that he would have had to do was say, "I did not make those charges" and he'd be done on his end. Additionally, having an open credit card account, even if you only use it once or twice a year, can add 50 points or more to your credit score, of which 30% is based on available credit. I worked with a guy who paid cash for everything in life and never borrowed money. When he got married, HE COULDN'T GET A MORTGAGE BECAUSE HE HAD NO CREDIT!

I'll get off my soap box now. I hope that many of chalk this up as a learning experience and not use a debit card for online transactions. This is really going to suck for AHS since this is a huge publicity issue and I hope that they are able to work through it all.

 

[KevinM]

For me, it can't have been that long ago. My credit card had expired in Jan and I received a new one around the 15th. That's the one that got stolen. So, that card and number were only about 3 weeks old when the charges happened.

So you're pretty much limited to the.. three? purchases you had made since receiving the card. I thought that might have been an unlikely possibility, but it was worth a check for any other commonalities between cards.

 

[su719]

Add me to the list, purchased a kit from AHS 1/31 and fradulent charges appeared 2/8. There is way too much coincidence in this thread that is pointing to AHS as the root cause. I have never seen a thread this big on a forum withing this period coming from one source. I think AHS is a great store, but hopefully forrest looks at all this evidence and looks into his hosting solution as there might be a problem.

 

[Hugh_Jass]

Wow. Been keeping up on these threads, and something just occurred to me. I recently had one of my CCs reissue me a new card. About a year and a half before it expires. They mentioned something in the letter about how they detected a potential security breach so they are pre-emptively issuing new cards with the same number but different security sequence. It has nothing to do with anything I did, just making sure my assets are secure. Which is fine, I don't carry a balance on the card, so I would be able to figure it out quickly if anything came up. All this explains a lot.

Any chance any of these events are on a Discover card?

Within the last two weeks, I've received the very same letter from Discover.

 

[lazytaper]

IMO AHS deserves some of the blame if they continue to operate their site without warning having the knowledge that this is going on to the degree it is. That is irresponsible and bordering on gross negligence. They have insurance for a reason.

The longer they wait to address the issue, the closer they are to the problem IMO. If they are innocent, they have nothing to lose. I am unimpressed with how they are dealing with this so far and will never order from them ever again if they don't publicly address this issue or at a minimum contact their customers that were affected. That is business 101.

With the differing forms of payment that have been affected it is pretty clear that it is an internal problem with them directly.

 

[angolajones]

I ordered from them on Jan 10th. My credit card charges were from February 7th that were fraudulent. I think that February date is significant.

As far as using the credit card as quickly as possible after stealing, if it is that widespread, waiting may displace the blame onto others. I don't see the purchases happening almost a month later as reason to not suspect the common variable. I'm guessing that there is definitely some connection to either this website (which I doubt) or Austin.

Jonesy

 

[Austinhomebrew]

Thanks to all of the supporters. I have been working hard on this issue since Sunday at 5pm. I have meetings all day today to work on finding out what happened and how to fix it.

Rest assured we are doing everything we can to assure that the website is safe.

We have been addressing the issue and please don't assume I am doing nothing. My time is focused on fixing the problem and I won't be able to come on this forum on the half hour like I usually do.

Sorry for any problems this attack on all of us has caused. I am sure your bank and credit card companies are taking care of you. Check your statements and call them right away if they havent called you.

Thanks again for your support.

Forrest
Austin Homebrew Supply

 

[MongoloidMormon]

I had a fraudulent charge as well. It was for Walmart.com. I only use the card for Internet purchases, so after reading the other similar experiences, I must believe they problem is with AHS. I hope that the issue is addressed publicly so that I can feel safe purchasing there again.

 

[Airborneguy]

I just placed an order using the Paypal payment option. We'll see what happens. I don't leave money in my Paypal Account, so hopefully if anything happens, it will be easier to stop it from affecting me. Plus, at least with Paypal I will get a notification if any charges are made.

 

[stratslinger]

Forrest,
Thanks for keeping on top of this. I think most of us who've been on this thread from the beginning do realize you've been working on this, but the thread has grown so large that newcomers could easily miss that fact. Nothing to do for that except for those of us who are aware to try and remind the newcomers.
All this bother aside (if indeed your site is involved), I want to also thank you for the great deal on the perlick's and say I can't wait to brew up this pecan porter!