vectorA3 wrote:I've been trying to remain neutral on this, but can no longer turn a blind eye to this. In the last 15 posts, two more people reported they'd been hit, including Counterpunch. What more proof do we need? I've checked my Amex again, and no suspicious activity. I should probably cancel/change my # before anything goes down. While TFSource can say they were not hacked directly, the 3rd party company they use had to have been. Very bad business to not acknowledge for the customers, even if the neither of the sites were hacked. Bestbuy/bestbuy.com sent me an email this year warning of a potential breach to Epsilon. Fortunately no suspicious charges. I think I got a similar email from Chase when they were hit too. The least Tfsource & vendor could provide is a warning. Wth?
If they're not careful both of them are gonna wind up in some nasty lawsuits.
Counterpunch also acknowledged his card was used with the Sony Playstation Network. Considering the scale of that ordeal that brought down the Playstation Network for several weeks, I'd assume that his card was hit due to that situation and not TFsource.
As someone mentioned above, if Authorize.net was hacked, this wouldn't be limited to just TFsource.com. Authorize.net is HUGE. Massive. It's one of the two biggest players in the credit card processing field (the other being Verisign). Verisign and Authorize.net are like the Walmart and Target of the retail scene in America. Massive stores. One is bigger than the other but they both have a huge presence. And not just in America, but the world. Wikipedia cites them as the world's largest credit card processing company.
Authorize.Net is a payment gateway service provider allowing merchants to accept credit card and electronic checks payments through their Web site and over an IP (Internet Protocol) connection. Authorize.Net claims a user base of over 305,000 merchants, which would make them the Internet's largest payment gateway service provider.
I have worked on many e-commerce websites over the years that utilize Authorize.net, and am familiar with how Curt explained their system works which sounds just like how we used to integrate Authorize.net and Verisign.