Ever have a credit card number stolen???
- Thread starter stratslinger
- Start date
Help Support Homebrew Talk:
- Status
riverfrontbrewer
Well-Known Member
Strangely enough, I still have not receive that email
Austinhomebrew
Well-Known Member
- Joined
- Mar 29, 2007
- Messages
- 2,332
- Reaction score
- 78
We used emails from the orders placed. If you changed email addresses since you opened the account or you specifically requested not to recieve emails from us it would not have gone through.
The email was posted on this thread.
Forrest
The email was posted on this thread.
Forrest
Capital One must be wise to this. They mailed me a letter stating my information had been compromised via a 3rd party but wouldn't say who.
They canceled my account and issued me a new card even though i had no fraudulent charges and my last order with AHS was in December before this all started. Guess they are playing it safe.
They canceled my account and issued me a new card even though i had no fraudulent charges and my last order with AHS was in December before this all started. Guess they are playing it safe.
wildwest450
Well-Known Member
- Joined
- Dec 27, 2007
- Messages
- 8,978
- Reaction score
- 191
Their a good company, always on the ball. My cards been "borrowed" twice, they caught it both times before the charges even went through.
_
sudsmcgee
Well-Known Member
My wife just got a new card with new numbers yesterday and she most definitely did not shop at AHS. I think a major processor got hacked.
![Craft A Brew - Safale BE-256 Yeast - Fermentis - Belgian Ale Dry Yeast - For Belgian & Strong Ales - Ingredients for Home Brewing - Beer Making Supplies - [3 Pack]](https://m.media-amazon.com/images/I/51bcKEwQmWL._SL500_.jpg)
Ace_Club
Well-Known Member
My wife's been giving out her digits to everybody. It's not helping things at all.
I realize credit card fraud is common. There is a group here seemingly trivializing this incident comparing it to waiters stealing numbers. I am just stating that this incident is much more significant in number of affected people and degree of compromise comparatively speaking. I am sure there are bigger hacks in history but this incident is not run of the mill in my experience as a credit card user and forum member. If it was truly the processor that was hacked, that is extremely noteworthy and hard to believe the news hasn't covered that issue since numerous other businesses would be affected. I imagine it is also a pretty technologically advanced thing to accomplish. Much more so than installing some script kiddie malware on a terminal.
Ace_Club
Well-Known Member
This incident is extremely run-of-the-mill based on your being a member of this forum and owning a credit card. This is a homebrewing forum, that means that there is a high percentage of people (~100%) on the forum who shop at homebrew stores. If a homebrew store's data or processing company gets compromised, then a high percentage of forum members will be affected.
Nothing strange at all about that.
Hannable1975
Well-Known Member
I dunno - here is a link that reports 99 people arrested, who scammed an estimated $20 MILLION.
Yes - i know it has nothing to do with the current fraud, but the crime and my point are the same.
My point is, this article is published TODAY - on an off the beaten path website - I have not seen it on any "major" news site yet.
SO I dunno if something would be widely reported or not - it could be the fear it would create would cause such a stampede of panic ( i.e. - 800 of the last 1000 posts in this thread ) that it public can't handle it.
I dunno.
I disagree with your notion. Like I mentioned before I am member of many hobby forums and have been for over 15 years. Some of hobbies that require significantly more disposable income that have many more members that purchase online all the time. Nothing like this has ever come up. Ever. Not once.
I'm not saying this is world shaking stuff going on. I just believe that comparisons to petty credit card theft are daft.
petey_c
Senior Member
Yowza, what an exhausting read. I'm glad the thread finally deteriorated into humor... Last year I had my CC hacked. After 4 attempted charges to Skype, someone sent 20# of "electronics" to west Africa, from Atlanta. Before the package left the UK, my bank had notified DHL, who continued to ship until its arrival. The bank refunded my money (close to $500.00), they shipped anyway. So, who eats that cash? My bank? I almost wanted to have them stop the shipment and send the package back to me. Until I thought about what might actually be in the package of "electronics". When bad guys charge this stuff, like pizza in the UK, do they get a meal gratis? CC company buying them dinner? I could see airline tix, they gamble, their cards don't get issued, they move onto CC # 1315, etc.. If they win, they sell the invalid tix to some rube, make some money and move on.
Ace_Club
Well-Known Member
That's not my point. What I'm saying is that the fact that a homebrew store was affected automatically means that there will be a good number of HBT forum members affected.
Just because any of your other forums haven't been targeted before, doesn't make this a special case. That's specious reasoning.
I get your point. But again, this is sort of petty with the skimmers and all. It would be silly to suggest there aren't organized criminals doing things of that nature daily. What we are led to believe here is that the processor was hacked. That is significantly different in my view.
I dunno - here is a link that reports 99 people arrested, who scammed an estimated $20 MILLION.
Yes - i know it has nothing to do with the current fraud, but the crime and my point are the same.
My point is, this article is published TODAY - on an off the beaten path website - I have not seen it on any "major" news site yet.
SO I dunno if something would be widely reported or not - it could be the fear it would create would cause such a stampede of panic ( i.e. - 800 of the last 1000 posts in this thread ) that it public can't handle it.
I dunno.
Huh? That doesn't make any sense. Are you suggesting that the other hobby sites don't have hobby specific stores that serve them? and that in the forums of the hobby sites that the members wouldn't be connected through the stores and forums should an event like this occur? I can't follow.
The special case is that the processor has been hacked. Not that people come on here to complain because one of the site vendor's stores was compromised or their credit card processor. And not that we have a forum here to serve our hobby and to complain when one of the vendor's systems is/was compromised.
For the sake of discussion. I have been here for a long time lurking. I just never cared to register or post. However, I felt compelled to chime in to contribute to this topic as it developed. Should it have been revealed that it was a corrupt vendor I wanted to contribute positively with my account of what happened to me since I have never seen anything of this nature as I mentioned before. This forum has a wealth of homebrewing information that I am much appreciative of. I am sorry if having a differing opinion than you own offends you.Seems that that is the only reason you are on this forum.
I should also state for the record that I am a network security analyst by profession and the topic of computer crime is intriguing to me since I deal with it every day.
DeafSmith said:
My father also recently placed an order through AHS, and about a week later had a 250 dollar train ticket charged to his debit card in Europe. I don't know about you but there seems to definitely be a strong correlation here.
431brew
Well-Known Member
Mine was pretty hot when my last recipe cost $900+ in the end.
I placed my AHB order on 2/4 (they are aware of my experience). I used a debit card, which is something I hardly ever do online. I learned I had a problem the following Monday, 2/7, when McD's wouldn't sell me a burger.
That was embarrassing....especially after telling the cashier, "Scan it again...you must have done something wrong." Fortunately, I was in the drive thru and didn't embarrass myself in front of the entire lunch crowd.
I went immediately to check my bank account and it had been drained by several transactions. Like others, the transactions included the typical small test run, followed by several large ones.
I have made almost 1000 combined transactions...ebay and others... and this is the first time I have had a fraudalent experience.
knotquiteawake
Well-Known Member
SO, Even thought the bank canceled my card on the 10th, I found an international charge for $600+ ended up posting on the 14th (charge details show it coming from the 8th), and it definitely never showed up in my pending charges ever, and it was NOT on list of Charges on the 14th. It just appeared maybe yesterday or friday.
knotquiteawake
Well-Known Member
If Wells Fargo Fraud department doesn't give me a good answer and instant credit back on the account then we're done with them.
Barnzy02
Well-Known Member
I just recently had my debit card information stolen. A purchase for about $800 was posted and withdrawn from my account. My bank took care of it pretty quiclkly.
I was seriously pissed when it happened, however, i'm still trying to figure out what to make of the end result. I was returned the money from my bank AND the vendor on the same day about a week ago and both deposits are still in my account. I'm not touching it, but i'm also not going out of my way to alert either party of their error.
I'll be pretty bummed when it ends up being re-withdrawn from my account, but what can you do.
I was seriously pissed when it happened, however, i'm still trying to figure out what to make of the end result. I was returned the money from my bank AND the vendor on the same day about a week ago and both deposits are still in my account. I'm not touching it, but i'm also not going out of my way to alert either party of their error.
I'll be pretty bummed when it ends up being re-withdrawn from my account, but what can you do.
Mermaid
Well-Known Member
Just wanted to add my $.02 to this thread, as I work in the software industry and our product serves the banking industry. I too am one of those folks who has to deal with information security issues on a regular basis.
Most small business don't have anything to do with storing credit card data.
The data that is collected from their secure web site is processed by a third party vendor.
The secure data is transmitted from web server to web server via a secure connection, and for the most part, the millions of transactions that are processed every day are processed without incident.
The big banks are set up to watch for fraud (Wells, Chase, BofA, they all deal with this stuff every day). Many of them have what is known as "risk management" software installed on their systems to detect pattens of potentially fraudulent transactions.
That's why so many folks received phone calls from their banks - the banks watch your transactions and most of them can recognize when an "at risk" transaction shows up.
The individual merchants/small businesses may not always "know" when their credit card processor has been compromised.
If you think of it like this - a credit card processing company may have thousands of small businesses as their "customers". If one batch, or several batches of transactions have been "sniffed" then the credit card processor has to investigate, file a report with the Fed, let their customers know, etc. those things take time.
Bottom line is, I would bet that AHS was perhaps the "last to know" and would likely not have a staff of information security "geeks" on staff to investigate where the hack took place. That's why they hire the 3rd party processor in the first place.
I'm not saying folks don't have a right to be angry, scared, etc. but taking it out on the vendor may not solve anything. Hackers are "smart" little buggers. Customers should be smart (keep your computer free of malware), monitor your accounts, and call your bank if you suspect a problem.
If you still feel unsure or unsafe about using your checking account based "credit card" (debit card) for online purchases, you could always get something like a greendot card, and put just enough money to cover purchases on that card - to use for online purchases.
Most small business don't have anything to do with storing credit card data.
The data that is collected from their secure web site is processed by a third party vendor.
The secure data is transmitted from web server to web server via a secure connection, and for the most part, the millions of transactions that are processed every day are processed without incident.
The big banks are set up to watch for fraud (Wells, Chase, BofA, they all deal with this stuff every day). Many of them have what is known as "risk management" software installed on their systems to detect pattens of potentially fraudulent transactions.
That's why so many folks received phone calls from their banks - the banks watch your transactions and most of them can recognize when an "at risk" transaction shows up.
The individual merchants/small businesses may not always "know" when their credit card processor has been compromised.
If you think of it like this - a credit card processing company may have thousands of small businesses as their "customers". If one batch, or several batches of transactions have been "sniffed" then the credit card processor has to investigate, file a report with the Fed, let their customers know, etc. those things take time.
Bottom line is, I would bet that AHS was perhaps the "last to know" and would likely not have a staff of information security "geeks" on staff to investigate where the hack took place. That's why they hire the 3rd party processor in the first place.
I'm not saying folks don't have a right to be angry, scared, etc. but taking it out on the vendor may not solve anything. Hackers are "smart" little buggers. Customers should be smart (keep your computer free of malware), monitor your accounts, and call your bank if you suspect a problem.
If you still feel unsure or unsafe about using your checking account based "credit card" (debit card) for online purchases, you could always get something like a greendot card, and put just enough money to cover purchases on that card - to use for online purchases.
knotquiteawake
Well-Known Member
Wells Fargo totally and completely failed me on this one. I CANCELED my card and yet on the 14th there's an international charge on it for $600+ and then an additional $19.95 charge for International Transaction???
and this didn't raise any suspicion?
My friend who bank with local credit unions tell me that they have been called even if something looked remotely suspicious, or if they used their card out of state at a gas station, or if they used it at two gas stations within an hour of time.
What Mermaid says is true. I've worked with several large chain retailers and Payment Card Industry compliance. Many folks would be shocked at how many big name retailers have been derelict with their network security setups and the way they handle CC transactions. Many businesses are finally realizing that the risk to their reputation from a fraud event has the potential to cost them far more than the up front IT spend they've all been trying to put off.
r8rphan
Well-Known Member
That's pretty much my attitude to all of this... on all points...
That, and I'm loving my new perlick equipped faucet box...
Just got the first package I ever ordered from AHS on Friday.
The credit card slip *without a doubt* indicates that the credit card is processed manually at the storefront, by somebody working there. So it's a tad bit insulting to one's intelligence when people start talking about how AHS is also 100% a victim here, citing the regular practices of online credit card processors. Anything working off the assumption that the transactions are going straight through to a third-party processor can be thrown out the window.
In fact, the credit cards are far more vulnerable sitting on a storefront computer, which a small business cannot possibly afford to adequately secure. It's also accessible to some employees obviously... and that means a high potential that somebody who's not supposed to have access, does as well. I doubt they're printing any of the information out in any way... but only because that would be astonishingly stupid (so maybe I really, REALLY just hope they haven't been doing it.)
Bottom line... some of these scenarios people are coming up with (sometimes even in order to defend AHS) are just bizarrely unlikely, especially given the extremely insecure practices that were in place. There's a very good reason that online transactions are supposed to go straight through to a third party that specializes in transaction processing and security. So I think it's a bit much, knowing all this, to consider AHS just as much a victim here as anyone else - operating like they have been is just kind of negligent. I'm not going to accuse them of something I have no idea about, but often the reason that small businesses do this is to avoid the extra costs associated with using an online card processor, which is absolutely unacceptable WHEN it's the case.
All that being said, I'm not going to make myself suffer just to make a point, and I don't think anybody should. I'll buy from them when I need to... but I'll definitely be using PayPal in the future in lieu of their own third-party online transaction processor, since they apparently aren't using one.
The credit card slip *without a doubt* indicates that the credit card is processed manually at the storefront, by somebody working there. So it's a tad bit insulting to one's intelligence when people start talking about how AHS is also 100% a victim here, citing the regular practices of online credit card processors. Anything working off the assumption that the transactions are going straight through to a third-party processor can be thrown out the window.
In fact, the credit cards are far more vulnerable sitting on a storefront computer, which a small business cannot possibly afford to adequately secure. It's also accessible to some employees obviously... and that means a high potential that somebody who's not supposed to have access, does as well. I doubt they're printing any of the information out in any way... but only because that would be astonishingly stupid (so maybe I really, REALLY just hope they haven't been doing it.)
Bottom line... some of these scenarios people are coming up with (sometimes even in order to defend AHS) are just bizarrely unlikely, especially given the extremely insecure practices that were in place. There's a very good reason that online transactions are supposed to go straight through to a third party that specializes in transaction processing and security. So I think it's a bit much, knowing all this, to consider AHS just as much a victim here as anyone else - operating like they have been is just kind of negligent. I'm not going to accuse them of something I have no idea about, but often the reason that small businesses do this is to avoid the extra costs associated with using an online card processor, which is absolutely unacceptable WHEN it's the case.
All that being said, I'm not going to make myself suffer just to make a point, and I don't think anybody should. I'll buy from them when I need to... but I'll definitely be using PayPal in the future in lieu of their own third-party online transaction processor, since they apparently aren't using one.
Sorry just have to throw my 2 cents in with this. I was too hit with fraudulent charges on not only my bank debit card, but also my company gift card. Nothing too major was purchased on my bank debit card, just a feeler purchase for 1.51. My bank shut down that card ASAP.
My company gift card, had only 60 bucks on it, but they tried to make a $3,000 and a 500 purchase...if they only knew how cheap my company was..lol.
The funniest and most embarassing part of this whole thing is, I was taking a girl for a first date (lunch)..things went well and I paid, but the cashier came back and said, "Sorry sir, your card is declined!" Luckily I had a few CCs that I could pay with, but the conversation that followed was a tough one to explain.
Apparently the bank forgot to tell me that my card had a hold on it until I contacted them; but they had the wrong contact number in their systems for me, so I was never informed of it..
I love AHS and will continue to buy from them in the future!
My company gift card, had only 60 bucks on it, but they tried to make a $3,000 and a 500 purchase...if they only knew how cheap my company was..lol.
The funniest and most embarassing part of this whole thing is, I was taking a girl for a first date (lunch)..things went well and I paid, but the cashier came back and said, "Sorry sir, your card is declined!" Luckily I had a few CCs that I could pay with, but the conversation that followed was a tough one to explain.
Apparently the bank forgot to tell me that my card had a hold on it until I contacted them; but they had the wrong contact number in their systems for me, so I was never informed of it..
I love AHS and will continue to buy from them in the future!
RegionalChaos
Well-Known Member
Here is an article about a book that Wired is publishing that sheds some light on how some credit card hijackers work:
http://www.wired.com/threatlevel/2011/02/kingpin-excerpt/
Thought some folks in this thread might find it informative and relevant.
http://www.wired.com/threatlevel/2011/02/kingpin-excerpt/
Thought some folks in this thread might find it informative and relevant.
Ralelen
Well-Known Member
So no updates from AHS in a few days? Whats going on Forrest?
- Status
