Midwest Supplies

[JohnSand]

I wonder if Paypal is safe? They do sell on ebay.

 

[JasonO]

Crazy!! just as I was reading through this thread the amex app on my iphone started hitting with charges for online software sales. I placed an order June 4 with Midwest and my CC info is on file with them. I've already cancelled the card so not too much damage done. My first charge that showed up was from "The Software King" for $349.98. Not even sure what that company is lol.

-Jason

 

[Shakybones]

Confirmed.

DO NOT order from Midwest until they get this mess straightened out.

Really? I just made another couple of CC orders from MW the other day, my 10th and 11th CC order there since February. I check my account regularly and have never had a fraudulent charge.

I still don't believe you've "confirmed" anything, except that your card info was compromised somehow.

 

[sfgoat]

I wonder if Paypal is safe? They do sell on ebay.

I used to work in paypal's fraud department while I finished college and yea actually they are quite secure. All of the fraud and stolen financials that were used on the site was actually due to people's stupidity off the site and also due to viruses on their computers. They treat their people like **** but they do what they say.

 

[unionrdr]

I use paypal on midwest & any other site that offers it. No problems after I signed up with them.

 

[Marmike600]

Really? I just made another couple of CC orders from MW the other day, my 10th and 11th CC order there since February. I check my account regularly and have never had a fraudulent charge.

I still don't believe you've "confirmed" anything, except that your card info was compromised somehow.

There is seriously too many of us for it to be a coincidence. Get your head out of the sand.

 

[sfgoat]

There is seriously too many of us for it to be a coincidence. Get your head out of the sand.

It's actually extremely difficult to compromise an encrypted web server. So hard it actually takes a team if highly skilled hackers to do it. Based on what I've dealt with working in e-crime and the type of fraudulent charges you are seeing it is far more likely that you have a Trojan or a bit of malware on your pc. In fact unless you handle this stuff professionally its safe to say that about 95% of all non-Mac computers have a virus of some sort. These guys then use the info they collect to make purchases to "video game sites" or "Microsoft" services. Or sometimes they will buy from online retailers. These guys are smart so they don't go after servers or individual retail websites because that leaves a huge digital footprint. Verses a mass virus that get redistributed by every pc it infects therefore making it impossible to track.

I don't shop with Midwest. Just thought I'd throw it out there because I hate to see a retailer put on the chopping block when more than likely they are not in anyway responsible.

 

[MaxStout]

In fact unless you handle this stuff professionally its safe to say that about 95% of all non-Mac computers have a virus of some sort.

 

[sfgoat]

Couldn't give you a source. Stuff I learned doing intelligence work when I was with the special forces.

 

[MaxStout]

Couldn't give you a source.

Didn't think you could. But thanks for playing. :cross:

 

[pawpawdave]

What a wonderful explanation. Now I do not own a computer. I use a not very smart smartphone. I ordered my supplies over the phone. That's when you call and talk to a real person. Like we did before computers. My card was used, or whatever you call it. I don't order online.
I guess I should have my phone checked for bugs? From the way you explained it technology can't be at fault.

 

[bigmike99]

Have placed multiple orders this year but always used Paypal. No issues here.

 

[sfgoat]

What a wonderful explanation. Now I do not own a computer. I use a not very smart smartphone. I ordered my supplies over the phone. That's when you call and talk to a real person. Like we did before computers. My card was used, or whatever you call it. I don't order online.
I guess I should have my phone checked for bugs? From the way you explained it technology can't be at fault.

While possible, not likely. In that case I would say an employee is doing it.

 

[sfgoat]

Didn't think you could. But thanks for playing. :cross:

You are aweful hostile towards a guy just giving his 2 cents based on 15 years working in this exact field. My info is a little outdated (2004) when I last was told. But here is a link to current civilian stats: http://www.statisticbrain.com/computer-virus-statistics/
However this only represents stats for serious viruses.

 

[ChuckCollins]

I have had issues with Austin and now some one tried to use my card with Western Union this always happen when you shop online ....

 

[Shakybones]

There is seriously too many of us for it to be a coincidence. Get your head out of the sand.

So, I'm just the lucky exception? Is it only a matter of time? Are they satisfied with what they are stealing from you, so they haven't bothered with me?

Our brains are designed (evolved, if you prefer) to see patterns, even when none exist. Randomness often does not appear so, particularly when the sample size is small.

If you really feel like MW is to blame, then don't shop there anymore, or use paypal, as has been suggested. However, you really ought not to libel them with your baseless accusations. Before you flame me, take a minute to think this over. You have no proof of anything other than that your card has been used fraudulently.

~10% of all Americans have been victims of CC fraud. There are thousands of people on HBT. It is likely that thousands of them have made CC purchases from MW. There are less than 20 people who have reported fraud in this thread (a thread that any active member would have easily seen). You really are jumping to conclusions.

 

[pawpawdave]

I'm not going to flame you. My Son is the OP. I had the first problem on July 4th. As stated I ordered over the phone. Three days later he found out he had been hit. The only thing we had in common was MW orders. He was a member here and wondered if by chance anyone else had this in common. I bank with USAA. I made copies of this forum and faxed to them for their investigation. I hope whoever is doing this is caught.

 

[Shakybones]

I hope whoever is doing this is caught.

Me too. They are worthless parasites.

I'd just hate to see a good company lose business over something that may very well not be their fault.

 

[malweth]

You are aweful hostile towards a guy just giving his 2 cents based on 15 years working in this exact field. My info is a little outdated (2004) when I last was told. But here is a link to current civilian stats: http://www.statisticbrain.com/computer-virus-statistics/
However this only represents stats for serious viruses.

It's tough for those of us who are computer / security savvy to judge what the average user does. I can agree with that 95% of uses have experienced some sort of virus or other invasive software. That doesn't mean that these users have CC problems because of them. Most of this malicious software is adware or info tracking software. I see this sort of thing on family & friends' computers often (the XYZ toolbar, which earns me points and also tracks everything I do online, to be sold to various interested companies).


The problems with this thread have been covered pretty well already. It's a homebrew forum - there will always be positive correlation with shopping at MW (until this thread drives business away from them and toward a possibly less secure site). It's anecdotal, not evidence. A crowd can very easily draw the wrong conclusion together.

On the other hand, it is not common for a relatively small group of people to have so many CC issues within the same timespan (unless it's a group very free with information and/or not entirely bright - but I certainly hope we don't tweet our own CC numbers for fun).

The CC tokening system MW uses is very secure. I wouldn't normally suspect that to be a problem - but since I know very little about their particular implementation, of course it's possible. If MW's servers were hacked, it could be a man-in-the-middle attack, diverting CC info away from the site; I assume this would have been looked at by MW during their investigation. As others have said, it could also be any of the other sites in-between, including the consumers themselves.

Unfortunately, there's not much we can do *as* consumers. As mentioned... (1) Use PayPal (I always do when I can... and have never had security problems). (2) Use temporary CC numbers if your bank offers them. (3) Do not save card information, regardless of system security. (4) Never use credit cards on any small website (not just MW) without a secure 3rd party you trust (like PayPal). ~~ Following these general rules has kept my cards as safe as they can be... and that's the best I can do. There's still the possibilty my card could be stolen at any convenience store.

The only thing that isn't rational (but could certainly be caused by this thread) is to avoid business with MW. You're no safer elsewhere and there's not much proof that MW has a problem...

 

[sfgoat]

It's tough for those of us who are computer / security savvy to judge what the average user does. I can agree with that 95% of uses have experienced some sort of virus or other invasive software. That doesn't mean that these users have CC problems because of them. Most of this malicious software is adware or info tracking software. I see this sort of thing on family & friends' computers often (the XYZ toolbar, which earns me points and also tracks everything I do online, to be sold to various interested companies).

The problems with this thread have been covered pretty well already. It's a homebrew forum - there will always be positive correlation with shopping at MW (until this thread drives business away from them and toward a possibly less secure site). It's anecdotal, not evidence. A crowd can very easily draw the wrong conclusion together.

On the other hand, it is not common for a relatively small group of people to have so many CC issues within the same timespan (unless it's a group very free with information and/or not entirely bright - but I certainly hope we don't tweet our own CC numbers for fun).

The CC tokening system MW uses is very secure. I wouldn't normally suspect that to be a problem - but since I know very little about their particular implementation, of course it's possible. If MW's servers were hacked, it could be a man-in-the-middle attack, diverting CC info away from the site; I assume this would have been looked at by MW during their investigation. As others have said, it could also be any of the other sites in-between, including the consumers themselves.

Unfortunately, there's not much we can do *as* consumers. As mentioned... (1) Use PayPal (I always do when I can... and have never had security problems). (2) Use temporary CC numbers if your bank offers them. (3) Do not save card information, regardless of system security. (4) Never use credit cards on any small website (not just MW) without a secure 3rd party you trust (like PayPal). ~~ Following these general rules has kept my cards as safe as they can be... and that's the best I can do. There's still the possibilty my card could be stolen at any convenience store.

The only thing that isn't rational (but could certainly be caused by this thread) is to avoid business with MW. You're no safer elsewhere and there's not much proof that MW has a problem...

You said it better than I could. (I'm not very good at social dialect) but you hit what I was trying to say on the head. Thank you.

 

[Bobby_M]

I'm not buying the coincidence argument. I'm not saying MW is at fault. I'm saying that there seems to be a good chance of getting your CC number lifted if you place an order there. While I normally have 5-10 CC transactions per day, it just so happens that I only had ONE authorized on 7/28 and that's with midwest. That very same day someone makes a copy card and runs around with it. I suspect it's not just one person but a group that shares or sells card numbers because charges happened in Florida and Maryland at brick and mortar stores simultaneously.

Also, the people reporting this issue here are probably a very small portion of the people it has happened to. I know HBT is big, but there are plenty of homebrewers out there who don't use HBT regularly.

 

[evrose]

I'm not buying the coincidence argument.

I don't think it's a coincidence that you have this opinion and have a vendor account that sells in direct competition to Midwest.

Seriously, given the somewhat blatant conflict of interest, vendors shouldn't be commenting on other vendors in a thread like this.

 

[Shakybones]

I'm very curious about what the grieved parties here would like to see from Midwest. What, specifically, could they do that would possibly convince you that they are not responsible for your credit card problems?

 

[Bobby_M]

I don't think it's a coincidence that you have this opinion and have a vendor account that sells in direct competition to Midwest.

Seriously, given the somewhat blatant conflict of interest, vendors shouldn't be commenting on other vendors in a thread like this.

I can scan in my midwest receipt and also show you a copy/paste out of my visa ledger if you're really accusing me of slandering a competitor for unethical reasons. There are enough people on this forum who know me for long enough, and well enough, who can vouch for my ethics.

This is a thread about customers having problems with credit card fraud. I am a customer in that respect, and I've had the same problem. Period.

 

[scooter1981]

Add me to the list of compromised credit cards also.
Mine was a Discover card.
Three charges showed up today as pending payments, and Discover immediately texted about an issue.
Match.com, gymboree.com and valve software were the three charges.
Edit - now a charge from amazon.com for $1 is showing up also.

I'm not saying that Midwest is to blame, but possibly the company these use for credit card charge processing was hacked. We've never had an issue with our card. I ordered the pinlock keg deal a few weeks ago from Midwest, and now I'm part of this problem.

 

[JPFuller]

I am not jumping on Midwest with this post nor do I claim to know anything about I.T.
But, my Master Card went bust yesterday with a $30.00 purchase to some Gaming/Software outfit with an additional $1.00.00 charge to some accounting place. Purchased kegs from Midwest beginning of July, having not used the card in months, but I also made a subsequent single purchase at Home Depot and at Brew and Grow.
Only posting this to say that for the meantime anyway, I will be ressurecting my old PayPal Account.
For what its worth, my experience with Midwest has always been good, I beleive they are an ethical company and I will continue to patronize them, but I will not be using my credit card to do so.

 

[MikeMSD]

Add me to the list as well. I've only used my card in 2 places in the last 3 months. One was a gas station, which I went inside and paid at the register. The other was at Midwest for the 4 pin lock keg deal. Just got a call from Discover this morning that $1 had been charged at iTunes / Payroll. Went ahead and got my card cancelled. Bad thing is I have two more of my cards on there saved. I guess I need to go ahead and proactively cancel those just in case.

Also, not slamming Midwest in any way. I love those guys. They have fantastic custom service. Just want to add to the list here.

 

[stratslinger]

After Austin Homebrew's payment processor got hacked a couple years back (I'm the guy who started that particular thread), I've been sticking to PayPal for every dang thing I can online. It's tough to see when you're the one directly impacted by it, but Midwest (if they or one of their partners are indeed the source of a breach) are every bit as much a victim as the folks who's card info was stolen.

In the meantime, if you shop anywhere with a card - online or off (SWMBO had her debit card numbers stolen somewhere about a year ago, and NEVER uses that online) - keep an eye out for suspicious charges and try to use the most secure options available to you whenever you can. PayPal is a good option when available, and those single-use credit card numbers sound like a great option if your card company offers them. But remember that this stuff, sadly, happens every day and all over the place. Chances are it'll happen to you sooner or later - it's a major inconcenience, but Visa/Mastercard/Discover/Amex will take care of you through it, and things will work out.

 

[dgrums]

Not saying Midwest is the source but my card was also compromised and I had the information saved on the Midwest site. Started with a $1 charge for Star Wars The Old Republic online game and then two $39.99 charges from the same place. Then Meijer.com, shopatron.com and golfgalaxy.com. Golf galaxy caught it and canceled. My bank has the other charges flagged as fraud. This is my most used card so it could have come from a number of places but Golf Galaxy told me that they had my phone number, billing information and security code so that knocks a lot of places off the list and leaves only companies with whom I have my information stored.

 

[evrose]

Redacted by the CIA, FBI, NSA, White House, and Stone Brewing Co.