ellajoan Posted March 26, 2018 Posted March 26, 2018 This is the 5th time in the last year that our credit card or debit card has been hacked. We are certain it is happening from one of our Candle Suppliers, as we only used both the Credit and Debit Cards to order candle supplies from our business accounts. I am beyond frustrated! I have contacted the company who we believe is the culprit (my guess is they have an unsecure website and don't realize it, OR they have a shady employee). The first time they told me it was the Equifax leak (which was a LONG time ago), and the second time I got no response at all. I am extra annoyed b/c I rely on this particular company for our lids--can't find them anywhere else. Again, not certain it's them, but the process of elimination in our orders gives us a pretty good guess. Has anyone else had a similar experience with their info being hacked? I am tired of hearing that hundreds or thousands of dollars have been spent on our account. Any suggestions for how to handle this? If yes, please PM me and let me know which candle company you used b/f the hack--maybe we can establish a pattern together. Quote
TallTayl Posted March 26, 2018 Posted March 26, 2018 Would you be able to use a card that you load the $ amount on manually with each order? Once you know the total amount, load the prepaid card with that amount only. 3 Quote
Jcandleattic Posted March 26, 2018 Posted March 26, 2018 Is it always the same card? If so I would close that account. I personally have not been affected (that I know of) and none of my accounts have been hit. The Equifax leak could still be the culprit, especially if they (hackers) already have some of your info. I believe we will see repercussions from that disaster for years to come. I'm with TT, I would get a prepaid card, and use that. Quote
ellajoan Posted March 26, 2018 Author Posted March 26, 2018 No, not the same card/account because every time I've been hacked we get a new card. Our newest business card has been debit, and that's been hacked twice now. Credit cards were hacked three times. It's odd though, that it's only when we order candle stuff. None of my "non-business" credit cards have been compromised. Quote
Tokoo Posted March 26, 2018 Posted March 26, 2018 Actually what company did you order from by chance. I have never had a credit card incident in 15+ years, but last month my was stole. I don't like jumping to conclusions either, but the only sites I bought from last month was a few candle suppliers, and Amazon. Quote
ellajoan Posted March 26, 2018 Author Posted March 26, 2018 Tookoo, because I don't want to falsely accuse any suppliers publicly (and like I said, I doubt very highly they even know if their site is not secure). I will PM you who I suspect it could be. Quote
Candybee Posted March 26, 2018 Posted March 26, 2018 If this were happening to me I would call the supplier and order by phone. This may be an inconvenience right now but if it is in fact the supplier you will know for sure. When you buy supplies do you check the website addy to make sure its a secure site? Also, is your computer security program up to date? Does is specifically include protection when shopping on websites? Not all programs do. Make sure it does and always check the website and make sure its a secure site. Have you tried using another computer to make your purchases from? What other sites do you use your card at? Gas stations and Walmart are notorious for hacking cards. Especially any outdoor card readers can be compromised. Don't discount the Equifax leak. Like JC said that will continue to be a problem for a long time. Maybe years. You can change cards but your info is still compromised. If you are so certain its one particular supplier you should shop around for another. It may be hard to find one that carries your exact supplies but there are other suppliers and this could be your best option. I really feel for you. I have had my card info hacked a couple times and its always very stressful and upsetting. I even once had my computer files ransomed and it was the worst nightmare I ever encountered. Its hard to know who to turn to for help. I wish you luck and hope you are able to get this issue resolved. Quote
Donna Posted March 26, 2018 Posted March 26, 2018 Ellajoan I sent you a message as to who I think it is. Quote
Kerven Posted March 26, 2018 Posted March 26, 2018 (edited) Had this happen in December and January. Apparently, someone in Florida bought airline tickets and shopped at a convenience store and toy store during the holidays. The first few charges weren't caught, then it happened again in January and the account was flagged and I was notified. The only purchases during Nov. and Dec. on my part were from Amazon and a few candle suppliers. Fortunately, whoever did it used their actual name for those airline tickets. Creditor sent new cards with next day delivery. Edited March 26, 2018 by Kerven Quote
ellajoan Posted March 26, 2018 Author Posted March 26, 2018 Kerven, similar to our situations. We are on our 5th cards/accounts now. GIANT pain. Kerven, are you willing to share (or PM me) which candle places? I've had a few people now give the same place they suspect, so more data is coming into play. Quote
Faerywren Posted March 26, 2018 Posted March 26, 2018 I've not had my info compromised but I shop from a number of different suppliers and would like to know who it is. Could you PM me as well? Quote
smellywax Posted March 27, 2018 Posted March 27, 2018 9 hours ago, ellajoan said: Tookoo, because I don't want to falsely accuse any suppliers publicly (and like I said, I doubt very highly they even know if their site is not secure). I will PM you who I suspect it could be. Please pm me because I only ordered from 2 suppliers and had my business credit card number stolen last month. Quote
Paintguru Posted March 27, 2018 Posted March 27, 2018 It may be worth contacting your credit card company and telling them who you suspect it is. Perhaps they can do some investigating on their end. I'm sure they have more resources and weight to push around than you do. Quote
kandlekrazy Posted March 27, 2018 Posted March 27, 2018 It's been a yearly thing with our personal acct as well. It sucks, doesn't cost us anything but it's a hassle to go through it. I was told it's rarely, rarely the supplier you purchase from that it's most likely their website ordering system is not secure enough and hackers are getting your info. Last Nov our business account was hacked and not by cc or debit they used our actual acct # and routing # to order almost $5k in gift cards. It took us over 3 months to get that $ back in our acct after reporting the fraud. Took hours of my time to fill out forms, go back to the bank 6 times just for that and then keep checking with them to see if refunded. $5k out of a business acct hurts!! Quote
ellajoan Posted March 27, 2018 Author Posted March 27, 2018 Yes, I was told most suppliers don't do this intentionally, but that their website security is not up to snuff. I think that is the case here. I now know of at least 8 people whose CC/Debit information was compromised. I have contacted this supplier multiple times, but they clearly haven't looked into their website security. It's frustrating. Not a place I will likely order from again, at least not using online CC or Debit. Quote
TallTayl Posted March 27, 2018 Posted March 27, 2018 The last breach of our accounts was traced directly to our cell phone provider. It was an inside job. The way we we found out was $4k in iPads purchased at various sams clubs wi5in a few miles of each other half a country away. The person had all of the pieces of data needed from the cell phone account to become “us”. Prior to that someone hacked my business cc and got a first class ticket to Russia on Christmas Eve. Quote
TallTayl Posted March 27, 2018 Posted March 27, 2018 Another thing I have done to protect my cc #, if the supplier offers PayPal as a method, I pay using my cc info in PayPal. That way the supplier never sees my cc data at all. 4 Quote
ellajoan Posted March 27, 2018 Author Posted March 27, 2018 (edited) Good to know. I will try that next time. We use Debit card only, but in truth, that is a bigger pain to recoup after it's been hacked, as we have to dispute every charge made. Monday, there were 17 unauthorized charges, draining well over $1000 in debit. I am asking if everyone concerned would contact that supplier (those I've pm'ed) and question the security of their website. I didn't get too far in doing so, and I'd hate to see them lose business b/c of this. Lots of people use and like that supplier. Edited March 27, 2018 by ellajoan Quote
ellajoan Posted March 27, 2018 Author Posted March 27, 2018 So not sure if this thread, or the amount of customers complaining about being hacked the last 6 months have anything to do with it, but the suspected company today FINALLY claimed it was a "suspect email" that people opened that caused personal computers to download malware. I am highly doubting this--this seems to be a very late, very ridiculous response to something that has been going on for months. I have scanned my laptop and none of the "malware" was detected. I still purport that the hacking was coming from their unsecure site or an unscrupulous person---and they are not owning up to it. I'm learning that HUNDREDS of people had their info compromised, and for months they blamed it on the Equifax leak or didn't respond when SO many of these customers complained. I'm so disappointed---glad they are addressing it---but highly suspect their honesty in "how" the problem started. Including a comment from the FB page that I thought made sense: I just want you to be aware that blaming customers and consistently saying Malware is the issue is not an accurate way to deal with a PR situation like this. You're putting a situation caused by something on your side into the blame of the consumer and it's....not good. 1 Quote
ellajoan Posted March 27, 2018 Author Posted March 27, 2018 My husband is an IT guy, and he says there is NO WAY that this supplier's problem with fraud could have been caused by Malware. Deceit like that is frustrating. Quote
Candybee Posted March 27, 2018 Posted March 27, 2018 (edited) The company in question has sent an email out to their subscriber customers re a breach of an old email acct. Did you get it? You can see a copy of it in the biz forum. Edited March 27, 2018 by Candybee Quote
ellajoan Posted March 27, 2018 Author Posted March 27, 2018 Got it. They claimed that the breach of the email (e.g., "opening that email sent") put the malware on everyone who was hacked computers. Just cleaned my computer--no malware. Something's not adding up, but glad at least they are not denying the breach anymore. 1 Quote
TallTayl Posted March 28, 2018 Posted March 28, 2018 Facebook people seem pretty angry at the way it is being handled Quote
Moonstar Posted March 28, 2018 Posted March 28, 2018 10 hours ago, TallTayl said: The last breach of our accounts was traced directly to our cell phone provider. It was an inside job. The way we we found out was $4k in iPads purchased at various sams clubs wi5in a few miles of each other half a country away. The person had all of the pieces of data needed from the cell phone account to become “us”. Prior to that someone hacked my business cc and got a first class ticket to Russia on Christmas Eve. OMG UNBELIEVABLE! Quote
Moonstar Posted March 28, 2018 Posted March 28, 2018 How in the heck do people even know how to do this and why I guess I'm just naive:( Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.