Possible supplier credit card database breach - Page 2

Home

My FlyingGiants

Blogs

Classifieds

FORUMS

Members

News

Search

Find New Posts

All Forums

Subscribed Forums

View Unanswered Threads

Search Forums

Show Posts Show Threads

Advanced Search

Tools

Post Hucker

Mark Forums Read

Sign Up!

ChrisHays · 11-20-2008, 03:21 PM

ive recieved a new card from bank of america .. and have filed claims to get my money that was taken back.. roughly $400.. bank of america has been really helpful dealing with this and ive given them all the info on the company involved to hopefully it gets taken care of soon..i buy most of my hobby stuff online and this is the first time this has ever happened ...

DR10044 · 11-20-2008, 03:34 PM

I had to cancel a card due to unknown charges. Luckily the bank caught it. I had purchased from FMA direct also. I really appreciate them sending out the email referenced above.

sweetpea · 11-20-2008, 07:42 PM

I always look at my card statements after every month. I had an issue once at Riverside CA.

I used my bank debit card for Holiday Inn room. I used it as a credit card. I saw online when I was balancing the checkbook that I had 2 charges on it I didn't do. I called the companies the charges were from and got the name used for the charge (it didn't match my card). The companies didn't do any kind of check to ensure who the card was from and didn't even care that the card name didn't match the users name.

Now the user name was a spanish/mexican name. Funny that 90% of the workers at the hotel were spanish/mexican.

I got the bank to freeze the charge and refund the money immediately and I also got the companies to cnx the charge. I filed claims and supplied all the info I could find. It took about 20 days for everything to be free and clear.

sweetpea · 11-20-2008, 07:42 PM

I always look at my card statements after every month. I had an issue once at Riverside CA.

I used my bank debit card for Holiday Inn room. I used it as a credit card. This was the only place I used it over that weekend. I saw online when I was balancing the checkbook that I had 2 charges on it I didn't do. I called the companies the charges were from and got the name used for the charge (it didn't match my card and it all orginated from Riverside). The companies didn't do any kind of check to ensure who the card was from and didn't even care that the card name didn't match the users name.

Now the user name was a spanish/mexican name. Funny that 90% of the workers at the hotel were spanish/mexican.

I got the bank to freeze the charge and refund the money immediately and I also got the companies to cnx the charge. I filed claims and supplied all the info I could find. It took about 20 days for everything to be free and clear.

robertp17 · 11-24-2008, 04:48 PM

Hey guys I just got this email from FMA:

By now many have heard about the credit card security breach at FMA's web hosting company. This breach involved only online orders. You may receive duplicate messages via email about this situation. Please be patient as we are attempting to contact every FMA Direct online customer and overlap in the database is inevitable.

During the last week of October, FMA received two inquiries within a matter of days about possible compromised credit cards. In both cases the customer informed us that they had used their card at multiple online sites and could not confirm which site(s) could have been compromised. We promptly notified the company who hosts our website about the possible compromise of our database. After extensive research on their end, our website host notified FMA that no breach could be detected. Nevertheless, as of November 1, 2008 the additional precautionary measures were implemented by FMA's host:

1) Hardened all login passwords that could have presented an opportunity for such theft.
2) Added stronger encryption algorithms to any credit card transactions received on our partner's web hosting company's servers.
3) Added additional security measures to further ensure credit card information is secure at our web hosting service.

During subsequent investigation, it became apparent that the breach did, in fact, take place at FMA's web host company. As a result, FMA is advising all credit card customers who purchased through the FMA Direct website, to notify their credit card company immediately for possible fraudulent charges. We highly recommend that you cancel any credit card used at the FMA Direct site prior to November 1, 2008, even if no fraudulent charges have occurred.

FMA deeply regrets the inconvenience this has caused our customers. FMA Direct is a small, family owned business. This set of circumstances has been disturbing to our family. Since the breach became evident to the management of FMA we have reviewed all security measures and have taken steps including those outlined above to increase security. We are assured by our web hosting company that the online buying process through FMA Direct is secure. To further gain the trust of our valued customers, FMA has added PayPal as a secure buying method. All orders placed through PayPal go through their approved site which is the most secure buying site available.

FMA is currently offering specials on several products. In appreciation of your continued support we will extend an additional $10 discount on your next order for all existing customers through the end of the year. Please mention code SP112408.

robertp17 · 11-24-2008, 05:03 PM

I just looked and my order was placed on april 11th 08 and two months later in june I started having charges appear on my bank statement from block buster online and various other places. I cancelled the card and got a new one so I should be ok. I was glad because that is a pita not having a card.

smokin · 11-24-2008, 05:14 PM

i just had someone come into my business and say that they were from the company that we get our credit card swiper machine from and that he needed to hook his computer up to it and download all of our transactions due to a truncation error that may have occured. when i acted like this was bullsh*t he got very nervous and then produced a business card from the nationally well known company that looked rather official. i then asked him where my regular rep was and he said that she wasn't available to help us with this urgent matter due to her busy schedule and that i wouldn't be able to get her on the phone for a couple hours due to meetings and such at the office. i told him to take a hike and that i would NEVER let anyone hook up to any one of our computers, much less the CC machine, and that he needed to come back with my normal rep and a set appointment if we needed to discuss this any further. he then asked for his business card back and i refused. he then looked really scared and high-tailed it out of my building!

i called my buddy on the police force here and explained it to him and he took the necessary info but couldn't really do anything until i heard from the parent company about the legitimacy of the request.

Well.... the next day, my regular rep got back to me and let me know that the name on the business card was a real employee.... A YEAR AGO!!!!!

This is obviously a scam and i just wanted everybody here that owns a business to be aware of sh*t like this.... good luck to us all!

robertp17 · 11-24-2008, 05:51 PM

	Quote: Originally Posted by smokin
	i just had someone come into my business and say that they were from the company that we get our credit card swiper machine from and that he needed to hook his computer up to it and download all of our transactions due to a truncation error that may have occured. when i acted like this was bullsht he got very nervous and then produced a business card from the nationally well known company that looked rather official. i then asked him where my regular rep was and he said that she wasn't available to help us with this urgent matter due to her busy schedule and that i wouldn't be able to get her on the phone for a couple hours due to meetings and such at the office. i told him to take a hike and that i would NEVER let anyone hook up to any one of our computers, much less the CC machine, and that he needed to come back with my normal rep and a set appointment if we needed to discuss this any further. he then asked for his business card back and i refused. he then looked really scared and high-tailed it out of my building! i called my buddy on the police force here and explained it to him and he took the necessary info but couldn't really do anything until i heard from the parent company about the legitimacy of the request. Well.... the next day, my regular rep got back to me and let me know that the name on the business card was a real employee.... A YEAR AGO!!!!! This is obviously a scam and i just wanted everybody here that owns a business to be aware of sht like this.... good luck to us all!

Way to go

Not a lot of people would have done that. You may have saved many people a lot of grief. Thanks

11-20-2008, 03:21 PM	#16
ChrisHays Bad-ass Super Contributer! Join Date: Mar 2006 Location: Memphis Tn Age: 29 Posts: 366	Re: Possible supplier credit card database breach ive recieved a new card from bank of america .. and have filed claims to get my money that was taken back.. roughly $400.. bank of america has been really helpful dealing with this and ive given them all the info on the company involved to hopefully it gets taken care of soon..i buy most of my hobby stuff online and this is the first time this has ever happened ... __________________

11-20-2008, 03:34 PM	#17
DR10044 Is it summer yet? Join Date: Mar 2007 Location: Hodgenville, KY Age: 55 Posts: 694	Re: Possible supplier credit card database breach I had to cancel a card due to unknown charges. Luckily the bank caught it. I had purchased from FMA direct also. I really appreciate them sending out the email referenced above.

11-20-2008, 07:42 PM	#18
sweetpea If you can't HUCK it BLING IT! Join Date: Jan 2006 Location: Just Moved.......Hampton VA Age: 37 Posts: 9,269 Awards Showcase Total Awards: 2	Re: Possible supplier credit card database breach I always look at my card statements after every month. I had an issue once at Riverside CA. I used my bank debit card for Holiday Inn room. I used it as a credit card. I saw online when I was balancing the checkbook that I had 2 charges on it I didn't do. I called the companies the charges were from and got the name used for the charge (it didn't match my card). The companies didn't do any kind of check to ensure who the card was from and didn't even care that the card name didn't match the users name. Now the user name was a spanish/mexican name. Funny that 90% of the workers at the hotel were spanish/mexican. I got the bank to freeze the charge and refund the money immediately and I also got the companies to cnx the charge. I filed claims and supplied all the info I could find. It took about 20 days for everything to be free and clear. __________________ Offical Member of Team Caribou Lou "Some people spend an entire lifetime wondering if they made a difference in the world. But the U.S. ARMED FORCES don't have that problem." ...Ronald Reagan

11-20-2008, 07:42 PM	#19
sweetpea If you can't HUCK it BLING IT! Join Date: Jan 2006 Location: Just Moved.......Hampton VA Age: 37 Posts: 9,269 Awards Showcase Total Awards: 2	Re: Possible supplier credit card database breach I always look at my card statements after every month. I had an issue once at Riverside CA. I used my bank debit card for Holiday Inn room. I used it as a credit card. This was the only place I used it over that weekend. I saw online when I was balancing the checkbook that I had 2 charges on it I didn't do. I called the companies the charges were from and got the name used for the charge (it didn't match my card and it all orginated from Riverside). The companies didn't do any kind of check to ensure who the card was from and didn't even care that the card name didn't match the users name. Now the user name was a spanish/mexican name. Funny that 90% of the workers at the hotel were spanish/mexican. I got the bank to freeze the charge and refund the money immediately and I also got the companies to cnx the charge. I filed claims and supplied all the info I could find. It took about 20 days for everything to be free and clear. __________________ Offical Member of Team Caribou Lou "Some people spend an entire lifetime wondering if they made a difference in the world. But the U.S. ARMED FORCES don't have that problem." ...Ronald Reagan

11-24-2008, 04:48 PM	#20
robertp17 Bad-ass Super Contributer! Join Date: Sep 2007 Location: Middletown, Delaware Age: 34 Posts: 1,369	Re: Possible supplier credit card database breach Hey guys I just got this email from FMA: By now many have heard about the credit card security breach at FMA's web hosting company. This breach involved only online orders. You may receive duplicate messages via email about this situation. Please be patient as we are attempting to contact every FMA Direct online customer and overlap in the database is inevitable. During the last week of October, FMA received two inquiries within a matter of days about possible compromised credit cards. In both cases the customer informed us that they had used their card at multiple online sites and could not confirm which site(s) could have been compromised. We promptly notified the company who hosts our website about the possible compromise of our database. After extensive research on their end, our website host notified FMA that no breach could be detected. Nevertheless, as of November 1, 2008 the additional precautionary measures were implemented by FMA's host: 1) Hardened all login passwords that could have presented an opportunity for such theft. 2) Added stronger encryption algorithms to any credit card transactions received on our partner's web hosting company's servers. 3) Added additional security measures to further ensure credit card information is secure at our web hosting service. During subsequent investigation, it became apparent that the breach did, in fact, take place at FMA's web host company. As a result, FMA is advising all credit card customers who purchased through the FMA Direct website, to notify their credit card company immediately for possible fraudulent charges. We highly recommend that you cancel any credit card used at the FMA Direct site prior to November 1, 2008, even if no fraudulent charges have occurred. FMA deeply regrets the inconvenience this has caused our customers. FMA Direct is a small, family owned business. This set of circumstances has been disturbing to our family. Since the breach became evident to the management of FMA we have reviewed all security measures and have taken steps including those outlined above to increase security. We are assured by our web hosting company that the online buying process through FMA Direct is secure. To further gain the trust of our valued customers, FMA has added PayPal as a secure buying method. All orders placed through PayPal go through their approved site which is the most secure buying site available. FMA is currently offering specials on several products. In appreciation of your continued support we will extend an additional $10 discount on your next order for all existing customers through the end of the year. Please mention code SP112408. __________________ Forget the past but remember what it taught you. www.stansphotos.com

11-24-2008, 05:03 PM	#21
robertp17 Bad-ass Super Contributer! Join Date: Sep 2007 Location: Middletown, Delaware Age: 34 Posts: 1,369	Re: Possible supplier credit card database breach I just looked and my order was placed on april 11th 08 and two months later in june I started having charges appear on my bank statement from block buster online and various other places. I cancelled the card and got a new one so I should be ok. I was glad because that is a pita not having a card. __________________ Forget the past but remember what it taught you. www.stansphotos.com

11-24-2008, 05:14 PM	#22
smokin Team Aerotech R/C Models Join Date: Oct 2007 Location: clinton, ia. usa Age: 37 Posts: 5,149	Re: Possible supplier credit card database breach i just had someone come into my business and say that they were from the company that we get our credit card swiper machine from and that he needed to hook his computer up to it and download all of our transactions due to a truncation error that may have occured. when i acted like this was bullsht he got very nervous and then produced a business card from the nationally well known company that looked rather official. i then asked him where my regular rep was and he said that she wasn't available to help us with this urgent matter due to her busy schedule and that i wouldn't be able to get her on the phone for a couple hours due to meetings and such at the office. i told him to take a hike and that i would NEVER let anyone hook up to any one of our computers, much less the CC machine, and that he needed to come back with my normal rep and a set appointment if we needed to discuss this any further. he then asked for his business card back and i refused. he then looked really scared and high-tailed it out of my building! i called my buddy on the police force here and explained it to him and he took the necessary info but couldn't really do anything until i heard from the parent company about the legitimacy of the request. Well.... the next day, my regular rep got back to me and let me know that the name on the business card was a real employee.... A YEAR AGO!!!!! This is obviously a scam and i just wanted everybody here that owns a business to be aware of sht like this.... good luck to us all! __________________ www.AEROTECHRCMODELS.com Nothing flies like a HyperLITE!!! Special thanks to: *Team HITEC* Cactus Aviation

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
12FG Update: Need Help	BR289	Radios	11	01-15-2008 09:00 PM