Page 1 of 5
Various people report unauthorized charges appearing on credit cards; TFsource possibly hacked
Posted:
Thu Jan 07, 2010 9:59 amby payton34
TFSource has been hacked.
Thanks to DarthMagnificus for being the first to notice this:
http://www.tfw2005.com/boards/transform ... mised.htmlCheck your credit cards for completed or pending purchases of $1-$3 worth of iTunes. Many members have been hit with this already so let's all help each other to catch it quickly before it really gets out of hand.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 11:08 amby LiKwid
Yeah this would suck...~Checks statement~ Well this seals the deal on TF source...Not using them again...
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 11:11 amby payton34
Yeah, I checked online earlier this morning and it didn't show anything. However, just to double-check I called anyway to see if there were any pending charges and sure enough, two pending charges for $1 and $1.50 (for iTunes and some Mobile prepaid minutes thing).
This sucks.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 12:28 pmby Counterpunch
Some ole' bullshit is afoot...
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 12:35 pmby First Gen
Not good. I got some charges too. Gotta go through alot of hoopla to dispute them now.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 12:59 pmby payton34
Here's a reply from Curt @ TFSource:
Hi All -
We appreciate this being brought to our attention right away. We've been working on this diligently and have implemented several other security precautions on our site immediately regardless of the route cause of the issue. Anyone who feels they may have been compromised, or wants us to delete their card information, is more than willing to email us and we'll be happy to do so. At the same time I want to let all know that I am confident in the security of the site, and even my information is registered on TFsource.
Regarding credit card data, it's not stored on TFSource, it is stored on a secure 3rd party's site, one that hosts many famous and household name sites, that's why we selected this resource. It's always possible a section of their data has been compromised but we have not been notified as such.
Regarding access to this data, no one at TFsource has this access, except for me, and rest assured I am not using anyone's data to make fraudulent purchases as TFsource has always had a high level of integrity and that's not something that we're going to change.
Anyone that feels they have had information compromised as a result of our site, or even potentially is more than welcome to email me directly. We've been working all morning with our coding team working full force on looking at any potential security issues, and will work to ensure everyone's information is safe and secure when accessing TFsource now and in the future.
Thanks,
Curt
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 1:20 pmby First Gen
This sounds like something that may not be under TFSource's control. I checked my Paypal account just to be sure, and there was no charges through there, though the credit card used is linked to my paypal.
Advice that was just given to me I will pass on to you, call your CC company immediately and cancel the card for a new one. Hackers may have gotten ahold of random numbers, not sure from where or how old, and are using this 1 buck charges to make sure the card number is valid.
And if possible, use Paypal for your transactions with TFSource. Despite this issue, it is still a great group of people that offer some great deals on Transformers. I won't let this incident discourage me from future purchases with them.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 2:34 pmby Seibertron
It has been brought to Seibertron.com's attention that some members of the Transformers online community have received unauthorized charges on their credit or debit cards. While there is much speculation pertaining to this issue, no one has been able to confirm the source of the security breach.
People affected by this issue are reporting unauthorized charges in small dollar amounts (under $10) appearing from well known and respected companies such as iTunes and Microsoft. These charges have appeared within the past month (for most, within the past week). You can view discussions and speculation about this unfortunate issue at
Seibertron.com and
TFW2005.com.
Please note that if you see any suspicious information pending on your credit card account(s), that you should immediately call the 800 number on the back of your card, inform them that you think the card number might have been stolen and that you would like them to send you a new card. Here is some additional information about credit card fraud that you should read.http://www.scambusters.org/CreditCardFraud.htmlScamBusters.org wrote:If you suspect credit card fraud:
If your credit cards are lost or stolen, contact the issuer(s) immediately.
Most credit card companies have toll-free numbers and 24-hour service to deal with these emergencies -- they are eager to avoid credit card fraud.
According to US law, once you have reported the loss or theft of your credit card, you have no more responsibility for unauthorized charges. Further, your maximum liability under federal US law is $50 per credit card -- and many credit card issuers will even waive that fee for good customers.
If you follow all these tips, it will go a long way in protecting you from credit card fraud.
Fellow Seibertronian, payton34, has been vigilant this morning contacting two popular online Transformers retailers regarding this situation. Here are the messages that he received from tfsource.com and bigbadtoystore.com respectively:
TFsource.com wrote:Hi All -
We appreciate this being brought to our attention right away. We've been working on this diligently and have implemented several other security precautions on our site immediately regardless of the route cause of the issue. Anyone who feels they may have been compromised, or wants us to delete their card information, is more than willing to email us and we'll be happy to do so. At the same time I want to let all know that I am confident in the security of the site, and even my information is registered on TFsource.
Regarding credit card data, it's not stored on TFSource, it is stored on a secure 3rd party's site, one that hosts many famous and household name sites, that's why we selected this resource. It's always possible a section of their data has been compromised but we have not been notified as such.
Regarding access to this data, no one at TFsource has this access, except for me, and rest assured I am not using anyone's data to make fraudulent purchases as TFsource has always had a high level of integrity and that's not something that we're going to change.
Anyone that feels they have had information compromised as a result of our site, or even potentially is more than welcome to email me directly. We've been working all morning with our coding team working full force on looking at any potential security issues, and will work to ensure everyone's information is safe and secure when accessing TFsource now and in the future.
Thanks,
Curt
BigBadToyStore.com wrote:Hi Michael - thanks for sending the information over, I'm sorry to hear this has happened to TFSource, I've worked with Curt and his family on a few occaisons and met them at Botcon and they are great people.
I appreciate your concern for BBTS users and their information - BBTS has spent considerable time and resources to make sure our customers' financial data is safe. We are PCI compliant and additionally do not store full credit card information on our servers. All information is securely kept and processed by Paypal, our credit card processing gateway. Because cards are stored by Paypal, no employee or owner at BBTS has access to your full credit card information, we can only view the first 4 and last 4 digits. We also invest heavily in intrusion prevention and monitoring systems that protect our systems from any type of attack. Our systems are tested daily for vulnerabilities and are monitored by a staff of security experts 24 hours a day.
Thanks!
Joel Boblit
President
www.BigBadToyStore.com
Please stay tuned to Seibertron.com for additional information regarding this situation. We will keep you informed as new information becomes available regarding this unfortunate situation.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 2:45 pmby Cyberstrike
This why I deal in money orders with BBTS.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 3:08 pmby dragons
wow that sucks i was tempted to buy seom stuff from tfsource that bbts may not have in stock or all out of but anyway i dont think i would have orderd from them anyyway if this situation did not happen i think there location is oversea i dont do overseas buying.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 3:13 pmby RiddlerJ
Betcha Swindle is involved.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 3:32 pmby LiKwid
Sure enough..I had 2 $1.50 charges from itunes on my statement today..This sucks because it was the 1st time I had used Tfsource..I only used them because they came highly reccomended..~Sigh~ Let the dialing of 800 #'s begin..
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 3:52 pmby Megatron Wolf
Good thing i havent used any of those providers since i got my new debit card. Just to be safe i checked my account anyway and its fine.........for now. This is skynets doing i tell ya. What better way to amass much needed money for resources than charge every one $1.25. Its such a low denomination that a good amount of people wont do anything about it. Especially if its from a service that they use.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 3:55 pmby Wajo357
I don't usually post, but I just wanted to thank the admins for doing the right thing and front-paging this very important news...
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 4:18 pmby titaniumluv
I have been buying from Curt for several years and have been nothing but happy. He and his offer some of the best customer service I have ever had. I had several charges on my card as well. I am going to switch to pay pal for payment but will continue to use TFSource. Please don't let this diswade you from using him, even the pentagon gets hacked once in a while.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 4:23 pmby Starscream
Not TFsource's fault, it's just the reality of online ecommerce.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 4:39 pmby the_dark_decepticon
Good work on getting this posted guys. This is a great example why you don't store your credit cards on these sites. I always use PayPal for that extra bit of protection. That being said I don't think everyone should jump on the don't buy from there bandwagon. TFSourse is the best place to buy specialty TFs on the net. These things happen. Spend a little bit on the phone, get a new card, and forget about it. Lol!
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 4:45 pmby kirbenvost
Considering these are all small charges, could it be possible that it's the credit card service checking to see if the Credit Card info is up to date? I know for a fact (nearly) that some companies (Paypal included) make a small charge to your card when you first set up or change credit card info. This is only to test if the information you supplied is in fact correct. If the transaction is authorized they know the card is valid. The charges then do not get posted/claimed by them, and thus the amount is returned back to your available credit later on. I recently updated my credit card info with iTunes and they made a small $1 charge which has not been posted to my account, so I assumed this was the reason, other than that I have not had any strange transactions on my card, and I use both BBTS and TFSource.
Perhaps someone with more credit card knowledge can confirm or refute my theory?
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 5:03 pmby payton34
No, it's definitely a scam. Over 20-30 people have the exact same charge to their accounts, $1.00 for iTunes and $1.50 for some Mobile service. They're doing this (1) to see if the card works, and (2) most people have iTunes so they wouldn't notice a $1.00 charge on their card. Unfortunately, they've already gone to the next step with some people and have attempted charges ranging from $500 to $4000 on some accounts.
Bottom-line, don't just check your account online. Call a rep and have them look for pending transactions. If there's anything on there, cancel immediately.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 5:17 pmby Sodan-1
Does this just seem to be a problem with credit card information entered on TFSource or does it affect anyone who pays with PayPal as well?
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 5:19 pmby payton34
Sodan-1 wrote:Does this just seem to be a problem with credit card information entered on TFSource or does it affect anyone who pays with PayPal as well?
So far it seems to be credit card purchases only, paypal is fine.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 5:34 pmby Sodan-1
payton34 wrote:Sodan-1 wrote:Does this just seem to be a problem with credit card information entered on TFSource or does it affect anyone who pays with PayPal as well?
So far it seems to be credit card purchases only, paypal is fine.
Apologese if it was selfish of me to ask that, but thanks. Might go buy something now, lol.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 5:57 pmby Jenus
Earlier today I remember seeing an extra $1 on my pending charges and was wondering what that was all about. Called the credit card company and canceled my card. This stinks because I was getting ready to order two hard to find figures tomorrow to add to my beast wars collection.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 6:20 pmby Danamitron
PayPal my friends. They don't take PayPal we don't do business online.
Re: TFSource has been hacked, check your credit card statements
Posted:
Thu Jan 07, 2010 6:23 pmby Burn
Starscream wrote:Not TFsource's fault
I think this needs to be emphasised.
TFSource it's self wasn't hacked, but rather the 3rd party they deal through for their e-commerce was. It's very rare for ANY online business to do their own credit card processing, the majority will go through a 3rd party company who specialise in online trading. We do it here at work with our online site, none of the credit card details are kept on site or even on our server, it's all stored through the 3rd party company we pay to look after that sort of thing.
So don't let this tarnish your opinion of TFSource.