Jump to content

BRS got hacked!


Jimbo662

Recommended Posts

Credit card security is getting ridiculous, I have had to get at least 4 new credit cards sent to me these past couple years. It's not like I'm shopping at sketchy places either... its been Target, PF Changs, etc. Now its Bulk Reef Supply... guess I'll call my bank.

Link to comment
Share on other sites

Remember... Target and Home Depot were two of the largest breaches in the past few years. NEVER use your debit card with a PIN anywhere but the ATM. If your PIN is compromised the bad guys can empty your checking account. If your CC is stolen you're protected and you just have the pain of getting a new card. I agree with Jimbo on PayPal... Adds another layer of protection.

Bad guys like this are the reason I have a job protecting the Internet :-)

Sent from my iPhone using Tapatalk

Link to comment
Share on other sites

Figured I'd comment on this since I work in credit card processing specifically in IT.

Their message is pretty vague. Assuming they were using even the slightest bit of security and PCI best practices, it should have been impossible for someone to access full card numbers with the expiration date. I'm speculating / hoping that they were storing this offsite and full unencrypted card numbers weren't actually exposed. If this isn't the case, they're going to get some otherworldly fines because it's absolutely prohibited to store card numbers on an internet facing server, and any storage obviously needs to be encrypted. I've seen fines in the 6 and 7 figures from V/MC when they determine a merchant was egregiously negligent on securing their data. If they were storing full card numbers on a public facing server, it would likely fall into this category.

In the case of the target and other breaches, hackers were able to install malware on target servers, and then hop across private networks until they were finally able to access sensitive data. What made some of the big data thefts so bad was that they took data over a long period of time and didn't immediately use the data they were stealing, so by the time it was discovered, the actual number of cards involved was massive.

Also, if anyone is interested in a company that provides one time virtual credit card services, check these guys out (No personal affiliation with this company): https://www.abine.com/index.html They make a great free chrome plugin that blocks tracking software as well.

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

I only use the CC online just for this reason. My CC gets stolen twice a year it seems. I call the CC company, they do a song and dance, send me a new card and I go on my merry way. It's too bad we are moving away from a cash society.

Link to comment
Share on other sites

The credit card I used at BRS in december was hacked two days ago. The fraud guys denied the purchase. They're pretty good at detecting it, but it's still an inconvenience. I was traveling at the time and fortunately I always keep a safe card that has not been used online anywhere ...

Link to comment
Share on other sites

Crud I better spend the money in my card before the hackers do. I use a western union paycheck visa debit not attached to my bank for all online purchases. That way if I get hacked, I'll only lose what is on the card, which is only ever as much cash as I put on there for a specific purpose. Having had my identity (ss#) stolen twice I'm super paranoid. lol plus this keeps actual $ amounts spent on tank stuff hidden from the boss

Link to comment
Share on other sites

Solid chance I got hit with this. I'm in the process of disputing charges and working with the Identity theft protection company that BRS hired.

Just be prepared to wait 20 minutes before they'll ever connect you to a support rep.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...