Possible supplier credit card database breach

Home

My FlyingGiants

Blogs

Classifieds

FORUMS

Members

News

Search

Find New Posts

All Forums

Subscribed Forums

View Unanswered Threads

Search Forums

Show Posts Show Threads

Advanced Search

Tools

Post Hucker

Mark Forums Read

Sign Up!

Hinckley Bill · 11-19-2008, 08:41 AM

Hey Folks,

Figured that this would be the best place to post this issue that has come up.

There may have been a breach in one of our suppliers' database which includes credit card information. The supplier is FMA Direct.

This information was first posted out on RCGroups under at this link:

http://www.rcgroups.com/forums/showt...6#post10970569

As I indicated in my part of the RCGroups thread I've definitely experienced the "fraud" issue just shortly after placing an order with FMA Direct and have direct knowledge of a fellow club member who had the same thing happen to him after placing an order with the company.

I've sent an email to the VP of Marketing of FMA Direct asking for clarification of the issue so we'll see what comes back, but I believe we all need to help each other avoid potentially dangerous financial situations.

Bill

ChrisHays · 11-19-2008, 09:44 AM

i am going through an issue with my visa that my bank called me on .. i have had a bunch of charges from random places online hitting my account.. matter of fact i cant use my account due to this happening.. waiting on a new card and account number

Horsetrader_12345 · 11-19-2008, 09:48 AM

How do you like other people spending you money?

Socialism in a direct kinda way?

Chuck

ChrisHays · 11-19-2008, 09:52 AM

yea it sucks..im about to get it indirect and direct huh.. this has been a really big mess... paperwork.. phone calls.. blah blah blah

crazyjoe · 11-19-2008, 10:48 AM

	Quote: Originally Posted by ChrisHays
	i am going through an issue with my visa that my bank called me on .. i have had a bunch of charges from random places online hitting my account.. matter of fact i cant use my account due to this happening.. waiting on a new card and account number

I went through the same thing 2 weaks ago. And I have made online purchases from FMA

robertp17 · 11-19-2008, 10:49 AM

Wow! I ordered a cellpro 4s charger for them some time ago and afterwards I started getting charges from blockbuster online and some other stuff that I did not do. I never have even been to those websites. I had to call the bank and cancel my card and go thru all this PITA stuff. i never realized that it started after ordering something from fma.

decoy26 · 11-19-2008, 01:09 PM

I got hit did not know it was FMA though. My bank seems to have caught it before it got way out of hand but still PIA.

Hinckley Bill · 11-19-2008, 01:11 PM

One thing to note here...........while it sure does appear that ordering from FMA Direct is the "common thread" for those of us who have subsequently suffered credit card fraud I've been told over on RCGroups that it could in fact be the credit card processor for FMA Direct that has the problem.

Unfortunately for FMA Direct until I get a satisfactory response to my inquiry on the problem I won't be ordering anything from them.

FENWAYFLYER · 11-19-2008, 01:22 PM

I got an email well my got the email several weeks back about our account. The email said we needed to update our online banking because their was an issue, so my wife proceeded to give this lady all our account info like passwords blah blah blah.

After several minutes my wife had a bad feeling so hung up and called the bank. I guess somebody had hacked into the State of Delaware's direct deposit account and was emailing several hundred people and just sitting back waiting for the calls to come in.

We were lucky not to have any moneys stolen but everything had to be changed. What a nightmare.

Hinckley Bill · 11-19-2008, 01:37 PM

Hey Folks,

Just received this information from Mr. Marks at FMA Direct.....it's been posted on RCGroups as well

During the last week of October, FMA received two inquiries within a matter of days about possible compromised credit cards. In both cases the customer informed us that they had used their card at multiple online sites and could not confirm which site(s) could have been compromised. We promptly notified the company who hosts our website about the possible compromise of our database. After extensive research on their end, our website host notified FMA that no breach could be detected. Nevertheless, as of November 1, 2008 the additional precautionary measures were implemented by FMA’s host:

1) Hardened all login passwords that could have presented an opportunity for such theft.
2) Added stronger encryption algorithms to any credit card transactions received on our partner's web hosting company’s servers.
3) Added additional security measures to further ensure credit card information is secure at our web hosting service.

This thread on RCG came to our attention yesterday. Unfortunately, we were not aware of the thread on Wattflyer that was reported here. Had we been aware of the Wattflyer post, FMA would have responded immediately. Although our web provider still contends that no breach has been detected, FMA recognizes from the number of incidents reported on the forums, that a breach of the system may have occurred. As such, we are notifying the readers of this forum and Wattflyer to notify their credit card companies. Additionally, FMA Direct will take steps to notify customers who have transacted business through our online services. We assure you that we will remain vigilant moving forward with regard to any such attempts to compromise the trust between FMA Direct and our loyal customers. I would like to reiterate what others in this thread have stated: online credit card business remains to be a safe and efficient means of transacting business worldwide.

ChrisHays · 11-19-2008, 01:58 PM

well..atleast you recieved an answer........

Hinckley Bill · 11-19-2008, 02:02 PM

Something is definitely better than nothing and at least they're attempting to inform those who may not realize they've been smacked with false charges...............

IBTRIN · 11-19-2008, 07:43 PM

chalk me up for hit on this....I don't know where it came from, but I did just purchase some items FMA.
a bunch of i tunes...

Joe_Curd · 11-19-2008, 08:21 PM

Just a heads up guys. Both Visa and Mastercard have very strict compliance standards for processing credit cards on line. There are a number of companies that perform scans of a providers website to determine vulnerabilities that can result in the theft of credit card numbers.

This is the type of company that I'm referring to:

http://securitymetrics.com/?gclid=CI...FSAUagod80EeZg

Compliance is mandatory.

Joe Curd
www.CommonSenseRC.com
http://www.youtube.com/user/CommonSenseRC

rede2fly · 11-19-2008, 08:30 PM

wow this is crazy i just got hit as well. but not from ordering from fma... iam glad i have capital one. they stoped it, and i did not even know it.

until i tryed to use the card. i called them and they told me 1 was for 95 and change and the other was napster for a buck and change. waiting on new card now. i told them i would have most likely never spotted it

11-19-2008, 08:41 AM	#1
Hinckley Bill Bad-ass Super Contributer! Join Date: Jan 2006 Location: Hinckley Illinois Posts: 1,046	Possible supplier credit card database breach Hey Folks, Figured that this would be the best place to post this issue that has come up. There may have been a breach in one of our suppliers' database which includes credit card information. The supplier is FMA Direct. This information was first posted out on RCGroups under at this link: http://www.rcgroups.com/forums/showt...6#post10970569 As I indicated in my part of the RCGroups thread I've definitely experienced the "fraud" issue just shortly after placing an order with FMA Direct and have direct knowledge of a fellow club member who had the same thing happen to him after placing an order with the company. I've sent an email to the VP of Marketing of FMA Direct asking for clarification of the issue so we'll see what comes back, but I believe we all need to help each other avoid potentially dangerous financial situations. Bill

11-19-2008, 09:44 AM	#2
ChrisHays Bad-ass Super Contributer! Join Date: Mar 2006 Location: Memphis Tn Age: 29 Posts: 366	Re: Possible supplier credit card database breach i am going through an issue with my visa that my bank called me on .. i have had a bunch of charges from random places online hitting my account.. matter of fact i cant use my account due to this happening.. waiting on a new card and account number __________________

11-19-2008, 09:48 AM	#3
Horsetrader_12345 18.5 IN. Cutthroat ALberta Join Date: Oct 2006 Location: Ft. Worth. Texas Age: 45 Posts: 326	Re: Possible supplier credit card database breach How do you like other people spending you money? Socialism in a direct kinda way? Chuck

11-19-2008, 09:52 AM	#4
ChrisHays Bad-ass Super Contributer! Join Date: Mar 2006 Location: Memphis Tn Age: 29 Posts: 366	Re: Possible supplier credit card database breach yea it sucks..im about to get it indirect and direct huh.. this has been a really big mess... paperwork.. phone calls.. blah blah blah __________________

11-19-2008, 10:49 AM	#6
robertp17 Bad-ass Super Contributer! Join Date: Sep 2007 Location: Middletown, Delaware Age: 34 Posts: 1,369	Re: Possible supplier credit card database breach Wow! I ordered a cellpro 4s charger for them some time ago and afterwards I started getting charges from blockbuster online and some other stuff that I did not do. I never have even been to those websites. I had to call the bank and cancel my card and go thru all this PITA stuff. i never realized that it started after ordering something from fma. __________________ Forget the past but remember what it taught you. www.stansphotos.com

11-19-2008, 01:09 PM	#7
decoy26 Displaced Missouri Boy!!! Join Date: May 2007 Location: Honolulu, OAHU Age: 38 Posts: 467	Re: Possible supplier credit card database breach I got hit did not know it was FMA though. My bank seems to have caught it before it got way out of hand but still PIA.

11-19-2008, 01:11 PM	#8
Hinckley Bill Bad-ass Super Contributer! Join Date: Jan 2006 Location: Hinckley Illinois Posts: 1,046	Re: Possible supplier credit card database breach One thing to note here...........while it sure does appear that ordering from FMA Direct is the "common thread" for those of us who have subsequently suffered credit card fraud I've been told over on RCGroups that it could in fact be the credit card processor for FMA Direct that has the problem. Unfortunately for FMA Direct until I get a satisfactory response to my inquiry on the problem I won't be ordering anything from them.

11-19-2008, 01:22 PM	#9
FENWAYFLYER Look at this stupid thing Join Date: Jan 2008 Location: Smyrna,De Age: 37 Posts: 1,004	Re: Possible supplier credit card database breach I got an email well my got the email several weeks back about our account. The email said we needed to update our online banking because their was an issue, so my wife proceeded to give this lady all our account info like passwords blah blah blah. After several minutes my wife had a bad feeling so hung up and called the bank. I guess somebody had hacked into the State of Delaware's direct deposit account and was emailing several hundred people and just sitting back waiting for the calls to come in. We were lucky not to have any moneys stolen but everything had to be changed. What a nightmare. __________________ I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I said.

11-19-2008, 01:37 PM	#10
Hinckley Bill Bad-ass Super Contributer! Join Date: Jan 2006 Location: Hinckley Illinois Posts: 1,046	Re: Possible supplier credit card database breach Hey Folks, Just received this information from Mr. Marks at FMA Direct.....it's been posted on RCGroups as well During the last week of October, FMA received two inquiries within a matter of days about possible compromised credit cards. In both cases the customer informed us that they had used their card at multiple online sites and could not confirm which site(s) could have been compromised. We promptly notified the company who hosts our website about the possible compromise of our database. After extensive research on their end, our website host notified FMA that no breach could be detected. Nevertheless, as of November 1, 2008 the additional precautionary measures were implemented by FMA’s host: 1) Hardened all login passwords that could have presented an opportunity for such theft. 2) Added stronger encryption algorithms to any credit card transactions received on our partner's web hosting company’s servers. 3) Added additional security measures to further ensure credit card information is secure at our web hosting service. This thread on RCG came to our attention yesterday. Unfortunately, we were not aware of the thread on Wattflyer that was reported here. Had we been aware of the Wattflyer post, FMA would have responded immediately. Although our web provider still contends that no breach has been detected, FMA recognizes from the number of incidents reported on the forums, that a breach of the system may have occurred. As such, we are notifying the readers of this forum and Wattflyer to notify their credit card companies. Additionally, FMA Direct will take steps to notify customers who have transacted business through our online services. We assure you that we will remain vigilant moving forward with regard to any such attempts to compromise the trust between FMA Direct and our loyal customers. I would like to reiterate what others in this thread have stated: online credit card business remains to be a safe and efficient means of transacting business worldwide. Last edited by Hinckley Bill; 11-19-2008 at 01:46 PM.

11-19-2008, 01:58 PM	#11
ChrisHays Bad-ass Super Contributer! Join Date: Mar 2006 Location: Memphis Tn Age: 29 Posts: 366	Re: Possible supplier credit card database breach well..atleast you recieved an answer........ __________________

11-19-2008, 02:02 PM	#12
Hinckley Bill Bad-ass Super Contributer! Join Date: Jan 2006 Location: Hinckley Illinois Posts: 1,046	Re: Possible supplier credit card database breach Something is definitely better than nothing and at least they're attempting to inform those who may not realize they've been smacked with false charges...............

11-19-2008, 07:43 PM	#13
IBTRIN Bad-ass Super Contributer! Join Date: Apr 2007 Location: United States, TX Posts: 324	Re: Possible supplier credit card database breach chalk me up for hit on this....I don't know where it came from, but I did just purchase some items FMA. a bunch of i tunes...

11-19-2008, 08:21 PM	#14
Joe_Curd Flyin' Around Join Date: Jun 2008 Posts: 1	Re: Possible supplier credit card database breach Just a heads up guys. Both Visa and Mastercard have very strict compliance standards for processing credit cards on line. There are a number of companies that perform scans of a providers website to determine vulnerabilities that can result in the theft of credit card numbers. This is the type of company that I'm referring to: http://securitymetrics.com/?gclid=CI...FSAUagod80EeZg Compliance is mandatory. Joe Curd www.CommonSenseRC.com http://www.youtube.com/user/CommonSenseRC

11-19-2008, 08:30 PM	#15
rede2fly GRAVITY SUCKS Join Date: Jan 2006 Location: florida Posts: 4,281	Re: Possible supplier credit card database breach wow this is crazy i just got hit as well. but not from ordering from fma... iam glad i have capital one. they stoped it, and i did not even know it. until i tryed to use the card. i called them and they told me 1 was for 95 and change and the other was napster for a buck and change. waiting on new card now. i told them i would have most likely never spotted it

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
12FG Update: Need Help	BR289	Radios	11	01-15-2008 09:00 PM