Ever have a credit card number stolen???

Williams 728
Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum

Help Support Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
Status
Not open for further replies.
I'm going to sound a bit harsh, but you people that refuse to open a credit card are idiots. I understand that it is a generational thing and "borrowing" money for unsecured debt is a pretty new thing, but simply refusing to open a credit card account just because is foolish.

There's one gentleman in this thread that is out over $500 right now and is on the verge of "being broke" all because someone got his debit card numbers and drained his BANK account. Now he has to wait for the bank to open, go there to fill out the forms to dispute a charge (time lost), wait for the bank to issue a temporary credit on his account, and then hope that they don't come up with a reason deny the refund request. Had he used a credit card, his bank account would still have the $500, the issuing bank would be out $500, and he'd be getting a new card in the mail. All that he would have had to do was say, "I did not make those charges" and he'd be done on his end. Additionally, having an open credit card account, even if you only use it once or twice a year, can add 50 points or more to your credit score, of which 30% is based on available credit. I worked with a guy who paid cash for everything in life and never borrowed money. When he got married, HE COULDN'T GET A MORTGAGE BECAUSE HE HAD NO CREDIT!

I'll get off my soap box now. I hope that many of chalk this up as a learning experience and not use a debit card for online transactions. This is really going to suck for AHS since this is a huge publicity issue and I hope that they are able to work through it all.
 
Walker said:
For me, it can't have been that long ago. My credit card had expired in Jan and I received a new one around the 15th. That's the one that got stolen. So, that card and number were only about 3 weeks old when the charges happened.
Click to expand...

So you're pretty much limited to the.. three? purchases you had made since receiving the card. I thought that might have been an unlikely possibility, but it was worth a check for any other commonalities between cards.
 
Add me to the list, purchased a kit from AHS 1/31 and fradulent charges appeared 2/8. There is way too much coincidence in this thread that is pointing to AHS as the root cause. I have never seen a thread this big on a forum withing this period coming from one source. I think AHS is a great store, but hopefully forrest looks at all this evidence and looks into his hosting solution as there might be a problem.
 
jmendez29 said:
Wow. Been keeping up on these threads, and something just occurred to me. I recently had one of my CCs reissue me a new card. About a year and a half before it expires. They mentioned something in the letter about how they detected a potential security breach so they are pre-emptively issuing new cards with the same number but different security sequence. It has nothing to do with anything I did, just making sure my assets are secure. Which is fine, I don't carry a balance on the card, so I would be able to figure it out quickly if anything came up. All this explains a lot.

Any chance any of these events are on a Discover card?
Click to expand...

Within the last two weeks, I've received the very same letter from Discover.
 
IMO AHS deserves some of the blame if they continue to operate their site without warning having the knowledge that this is going on to the degree it is. That is irresponsible and bordering on gross negligence. They have insurance for a reason.

The longer they wait to address the issue, the closer they are to the problem IMO. If they are innocent, they have nothing to lose. I am unimpressed with how they are dealing with this so far and will never order from them ever again if they don't publicly address this issue or at a minimum contact their customers that were affected. That is business 101.

With the differing forms of payment that have been affected it is pretty clear that it is an internal problem with them directly.
 
I ordered from them on Jan 10th. My credit card charges were from February 7th that were fraudulent. I think that February date is significant.

As far as using the credit card as quickly as possible after stealing, if it is that widespread, waiting may displace the blame onto others. I don't see the purchases happening almost a month later as reason to not suspect the common variable. I'm guessing that there is definitely some connection to either this website (which I doubt) or Austin.

Jonesy
 
Thanks to all of the supporters. I have been working hard on this issue since Sunday at 5pm. I have meetings all day today to work on finding out what happened and how to fix it.

Rest assured we are doing everything we can to assure that the website is safe.

We have been addressing the issue and please don't assume I am doing nothing. My time is focused on fixing the problem and I won't be able to come on this forum on the half hour like I usually do.

Sorry for any problems this attack on all of us has caused. I am sure your bank and credit card companies are taking care of you. Check your statements and call them right away if they havent called you.

Thanks again for your support.

Forrest
Austin Homebrew Supply
 
I had a fraudulent charge as well. It was for Walmart.com. I only use the card for Internet purchases, so after reading the other similar experiences, I must believe they problem is with AHS. I hope that the issue is addressed publicly so that I can feel safe purchasing there again.
 
I just placed an order using the Paypal payment option. We'll see what happens. I don't leave money in my Paypal Account, so hopefully if anything happens, it will be easier to stop it from affecting me. Plus, at least with Paypal I will get a notification if any charges are made.
 
Forrest,
Thanks for keeping on top of this. I think most of us who've been on this thread from the beginning do realize you've been working on this, but the thread has grown so large that newcomers could easily miss that fact. Nothing to do for that except for those of us who are aware to try and remind the newcomers.
All this bother aside (if indeed your site is involved), I want to also thank you for the great deal on the perlick's and say I can't wait to brew up this pecan porter!
 
jmendez29 said:
Wow. Been keeping up on these threads, and something just occurred to me. I recently had one of my CCs reissue me a new card. About a year and a half before it expires. They mentioned something in the letter about how they detected a potential security breach so they are pre-emptively issuing new cards with the same number but different security sequence. It has nothing to do with anything I did, just making sure my assets are secure. Which is fine, I don't carry a balance on the card, so I would be able to figure it out quickly if anything came up. All this explains a lot.

Any chance any of these events are on a Discover card?
Click to expand...

i've gotten this exact thing about a month ago, but with my bank debit cards. i've never shopped at ahs.
 
Just a quick note to all concerned parties:

Forrest posted this morning in one of the three threads running on this subject. He is actively investigating it, as he has been since the morning after I started the first of these 3 threads.

Let's give the guy the chance to dig in thoroughly and either find the problem or prove his non-involvement. These things do take some time, if you're trying to be thorough about it
 
After reading through this entire thread, I still think that there is nowhere enough significant evidence to draw a link to AHS.

I would be interested to go back in time and start a thread about stolen credit cards (not linked to anywhere) and see how many people have experienced it outside of this instance, linked to AHS or not. Just because these threads popped up recently doesnt mean that people on here have not been experiencing CC theft until now...it just means that nobody has brought it up on here.

I'd be willing to bet that if you picked just about anything and asked "do you post on HBT, shop at AHS, and do X" you'd get a big thread of people who did it...be it "went bowling", "ate a hamburger last week", "crashed their car", etc.

That being said, I only shop online with American Express. They are the best when it comes to looking out for you and your money.
 
Add me to the list of fraud victims. Two charges made:

Apple store for around $800 and (directly off the statement: Pending Misc. Debit POS DEBIT OREGON RSA 3 INC SPRING VALLE IL) for $2.38. I also ordered from AHS, which was on 1/14/11.

AHS was not my only purchase to online retailers (only other purchase was my train ticket to go to and from work on line). This will not stop me from purchasing from AHS, since they provided great service to me when filling my order, and I'm sure they too are a victim in all of this.

From the sound of everything, it sounds like someone farmed all the numbers and sold them off.
 
pvtschultz said:
Had he used a credit card, his bank account would still have the $500, the issuing bank would be out $500, and he'd be getting a new card in the mail.
Click to expand...

100% agreed (though I personally would've refrained from calling people idiots :)). I too have worked with people that refused to get a credit card, fact is today to live that way does indeed have negative effects with modern society and the way we do business. As for the debit card... they are evil lol. Really, when fraud hits your bank account via your debit card it is WAY harder to get your money back! Sometimes the bank will only reimburse you up to $500 and sometimes not at all, I've seen it happen to my best friend who refuses to use credit cards. He's also complained to me about the banks ordering of cards and how they process the big charges first and then hit you with $30 overdraft fees for buying a $3 burger at McDonalds. I stay far away from debit cards.


Rev.
 
Fat_Bastard said:
I got hit for over 600 dollars in 6 transactions on 2-7.YES I did recently order from austin home brew supply.
Click to expand...

I am in the exact same boat but all of my charges were on 2-8. "No bank, I did not buy a bus ticket in Argentina."
 
Sorry for the wall of text that follows......

I have never ordered from AHBS so I have no dog in this fight, but I do deal with merchant account & credit card processor security in my job, and it is possible that AHBS did not get hacked but the credit card processor they use got hacked instead.

This happened to one of my clients who run a restaurant. They were receiving calls from customers that said after they dined with them they started receiving fraudulent charges to their credit cards and debit cards. The restaurant uses a POS system that processes all CC's through a program called PCCharge. PCCharge settles all the CC transactions nightly (called batching) and then deletes the CC numbers after a successful batch.

The restaurant contacted the software company after this happened thinking they had a security breech, after a security audit from the software developer they confirmed the restaurants system was clean and no malicious activity occurred in house.

The software developer then told them to contact the processor to report the problem. They reported it and were told from the processor that they had no breeches on their (the processor) end. Fast forward 3 weeks, the restaurant gets a call from they processor who said after a thorough investigation they actually HAD indeed been hacked and were sorry for the troubles. So AHBS itself might not have been compromised but a vendor they use is.
 
KevinM said:
So you're pretty much limited to the.. three? purchases you had made since receiving the card. I thought that might have been an unlikely possibility, but it was worth a check for any other commonalities between cards.
Click to expand...

No. i had made more than three purchases on the card since receiving it. It's the card I use locally to buy gas and groceries and stuff.
 
strat_thru_marshall said:
After reading through this entire thread, I still think that there is nowhere enough significant evidence to draw a link to AHS.
Click to expand...

I can confirm 100%, that if what everyone is posting here was actually known to be true (meaning not just posted on the internet by annonymous posters), there is plenty of evidence to initiate an investigation.
 
Airborneguy said:
I can confirm 100%, that if what everyone is posting here was actually known to be true (meaning not just posted on the internet by annonymous posters), there is plenty of evidence to initiate an investigation.
Click to expand...

I can understand the desire to avoid a "Let's blame AHS" influx but I too think it is more than likely the source of this. I've purchased from Midwest and Nothern a number of times the past month and checked my card to be on the safe side when seeing this thread - all clear here. I've never ordered from AHS, but I would not avoid them because of this. I would figure AHS will investigate as will the card companies. If AHS thinks they've found a possible breach I think they'd make sure to correct it and do their best for it to never happen again. It's not their fault really, it can happen to any company. As mentioned earlier in the thread, bartenders and waitstaff have stolen numbers before, can't blame the business for one dubious persons actions.


Rev.
 
I ordered from AHS on 1/10 and have had no "activity". I also used Pay Pal...
 
HollidaySlim said:
but I do deal with merchant account & credit card processor security in my job,
Click to expand...

Well, the weakness in the Austin system is they run the cards manually. If they aren't using a secure connection to access that data once it hits the server it could be intercepted in a number of places. I had a customer that took credit cards on our server. No certificate. He didn't want to pay for one. He then had the info emailed to him as it arrived. AHB could be using a similar system. No way to know but Walker did post the info they sent him about running the cards manually so they could be using a similar system.
 
I ordered from AHS on 1/27. The only place I've bought anything online since before Christmas. I had an unauthorized transaction go through on 2/07 post on 2/08 of $186 from a 'Damm In' via PayPal. I just got off the phone with my bank, filing a claim.
Although I do thank the HBT community for informing me of a situation! It reminds me of those PSA commercials, "The more you know...."
 
So the problem did come from your site/cc processor/system?


Austinhomebrew said:
Thanks to all of the supporters. I have been working hard on this issue since Sunday at 5pm. I have meetings all day today to work on finding out what happened and how to fix it.

Rest assured we are doing everything we can to assure that the website is safe.

We have been addressing the issue and please don't assume I am doing nothing. My time is focused on fixing the problem and I won't be able to come on this forum on the half hour like I usually do.

Sorry for any problems this attack on all of us has caused. I am sure your bank and credit card companies are taking care of you. Check your statements and call them right away if they havent called you.

Thanks again for your support.

Forrest
Austin Homebrew Supply
Click to expand...
 
My bank just last week canceled my CC and had to send me a new one saying the system was compromised. I don't think this has anything to do with AHS specifically, rather, whatever system or company they use.

I personally didn't have any unauthorized transactions, but it's the 2nd time in about 2 years that USAA has done this to my card. And they are great about it, they don't call me (which is not a safe way as this is how a scammer would do it.), and they don't email me (same thing here).. I only find out cause I'll log in (like I do almost everyday) to check my account, and there's a red flag by the credit card.

that is an excellent way of letting you IMO.
 
Hermit said:
Well, the weakness in the Austin system is they run the cards manually. If they aren't using a secure connection to access that data once it hits the server it could be intercepted in a number of places. I had a customer that took credit cards on our server. No certificate. He didn't want to pay for one. He then had the info emailed to him as it arrived. AHB could be using a similar system. No way to know but Walker did post the info they sent him about running the cards manually so they could be using a similar system.
Click to expand...

Whoops I guess I missed that post. Aside from it being a security flaw I would think you would want to reduce labor in the whole process by letting the software processes the CC. I'm sure they have a valid reason for doing CC processing this way though, just seems like a waste of time and resources IMO......which is worth absolutely nothing. :D

Looking at the AHBS site they do use a SSL certificate, so thats good. But there are to many variables to know what type of encryption the shopping cart software itself uses.
 
Let me be clear, I do not blame AHS.

I do think that the information provided here is enough for AHS to look into the matter - and they are.

I am not in retail, but I think its safe to judge that many companies are involved in a single credit card transaction and the theft of the numbers could have occured anywhere. However its does seem that the AHS is a common thread and it is wise of them to look into it.

They are a good company and I will shop with them again.

I will also have a long talk with my credit card company about why they stop my legit purchases and yet let fraud slip by.
 
I think I've likely tracked down the source of my problem.

I had to cancel my CC due to fraudulent charges on 2/7. I ordered from AHS for the first time on 1/18. Other than Amazon, I believe this was the only online purchase I've made in 2011.

I'm not upset with and I don't blame AHS, but as others have said this seems to be a common theme.
 
The timeframes and fraud dates lead me to believe that the numbers were farmed and 2/7 was the day that they were sold since all the fraudulent charges appear to have ocurred 2/7-2/9. It also leads me to believe if AHS had any impact, it would have been offline, a disgruntled employee as someone said previously. These things can and will happen. This is why i use Paypal if at all possible for online transactions.
 
HollidaySlim said:
Sorry for the wall of text that follows......

I have never ordered from AHBS so I have no dog in this fight, but I do deal with merchant account & credit card processor security in my job, and it is possible that AHBS did not get hacked but the credit card processor they use got hacked instead.
Click to expand...

This was my first assumption as well. I work in the financial IT Security field as well, but not in the Credit Card arena. It is why my wife's business uses a separate processor for online purchases, and it isn't handled through her website. It costs a touch more, but I know how much time and effort go into tracking down and resolving issues like this. One event would cost more in my time, and lost revenue, than the difference in charges.

I have to give a hand to AHB though, they seem to be dealing with it quickly and responsibly, which is alot more than I can say for some places I have dealt with.
 
Austinhomebrew said:
Thanks to all of the supporters. I have been working hard on this issue since Sunday at 5pm. I have meetings all day today to work on finding out what happened and how to fix it.

Rest assured we are doing everything we can to assure that the website is safe.

We have been addressing the issue and please don't assume I am doing nothing. My time is focused on fixing the problem and I won't be able to come on this forum on the half hour like I usually do.

Sorry for any problems this attack on all of us has caused. I am sure your bank and credit card companies are taking care of you. Check your statements and call them right away if they havent called you.

Thanks again for your support.

Forrest
Austin Homebrew Supply
Click to expand...

Forrest,

Thanks for at least admitting that there are too many of these instances to deny involvement in the fraud... Not intentional involvement but as a co-victim with the rest of us)...

I was uncomfortable with the earlier posts by your employee saying that he had done an investigation and there was absolutely no compromise on your end..

Reminded me of Baghdad Bob...

At least when you admit there is a problem that you too are involved in, I 'know' you will make this number 1 priority.. because your reputation is everything in this sort of business... I pray you don't suffer any significant losses to your reputation or business from this, especially long term...

Please share with us what you find out when you do.. Knowledge is power... And we all need all the power we can to protect ourselves in a rapidly evolving financial world...

This might be a good time to make sure you are dealing with a company who handles your transactions has given you the very best security available.. or changing to a company that will.. but at this point, I'm sure you are at least planning to do this if not already in process...
 
Yup

Order from AHS on 1/24... got a call yesterday CC Compromised !!

So, not sure by his post, but did AHS say the problem was from their site / CC processor?

-Craig
 
HollidaySlim said:
So AHBS itself might not have been compromised but a vendor they use is.
Click to expand...

In my mind, this is more and more the likely case... I see an obvious connection to AHS, but I doubt that anything they did within the context of their daily business dealings was the root cause..

So many layers to this stuff these days.. Which is exactly what allows the criminals to execute and get away with this crime..

It was much harder to get away with theft when I was a kid, and you handed the vendor cash in his store, and walked out with your product... Now you can sit behind a computer monitor in some other (likely lawless) country and siphon off money from any of a couple dozen steps it goes through on it's way form your hand to the vendor...

OTOH, it sure is nice to be able to shop on line at home in your underwear, and then have the product 'delivered' to your door by a guy in a big brown box with wheels...

I guess it comes down to asking ourselves if we're willing to pay the price for the convenience...
 
I just found a pending charge on my account that says the following and I don't recognize it at all:
MDR Sylvester 01 for $2.90

Anyone seen anything similar? What kind of charge was that initial small amount?
 
Status
Not open for further replies.

Similar threads

Steveruch
REALLY disappointed with morebeer
Replies
8
Views
2K
Kickass
K
D
not really new but I sort of am
Replies
2
Views
511
RM-MN
R
F
Northern Brewer Shipping Delay
Replies
18
Views
3K
Skeeter686
S
H
Houston CO2
Replies
4
Views
308
Houston_CO2
H
Cogswell
Anyone Familiar with Long Island Homebrew?
Replies
10
Views
3K
AlexKay
A
Yakima 300

Latest posts

Back
Top