Beware: Wideners credit/debit cards hacked?

[kazan182]

ahhh...this is where they got my card info. I got a call last night from a Baby stroller company saying I ordered a $1200 stroller. Then checked with the bank and there was over $7000 in charges on my card inside 24 hours.

My AE card was also used just three weeks ago. Could be the same breach.

 

[Mike H]

This clears up my question of how one of my cards got hacked. I had used it with Wideners and two other on-line transactions. I think the Wideners purchase was about two weeks ago. No loss to me, the cc company caught all but one $55 purchase, which they immediately removed as soon as they called me and we reviewed my recent purchases. If they knew they were the source/target of the breech it would have been nice for them to send out a heads-up.

 

[Machodoc]

While I have bought from Widener's in the past, I haven't gotten anything from them in the past few months. Nevertheless, my credit card got hacked about a week ago. In my case, the card company's alert system caught the "testing" charge and sent me an e-mail about it. While I was following up on the e-mail, I got a call from the card company. They stopped that card and issued me a new one within 4-5 days. So it may not just be Wideners.

CRAP! I just went back and reviewed my bank card statement:

3/11/2014 - Wideners Reloading &

No wonder I got hacked. Now I'm kinda pissed that Wideners hasn't said anything about it!

 

[toolness1]

This sucks because Wideners has a deal on 2K Armscor 110gr FMJ .308'' bullets I want to jump on. I need to look into their other payment methods.

I never use anything besides a CC/Debit so I really have no clue.

I know it's still possible it's not originating from Wideners, but I would say it's a safe bet to say it is indeed them (or their card processing people). Yet no warning, and they seem to be blowing people off when they try to contact them about this issue.

Not cool.

 

[Laddertowr]

I just learned today I got hacked..... had ammo on order @ Midway... 2 orders came in but got denided so they cancelled the order.... and I had judt ordered some 6.5 Carcano from Widener's

 

[1time]

Mine credit was hacked. I can't swear it came from them but I did order some powder from there right before.

 

[Daddyursus]

Same here. I bought some Tok food from them on 3/11. I consider myself lucky since 5 attempts to charge $1 were intercepted by my Bank and denied. Bank cancelled my card and reissued new one 5 days later

 

[toolness1]

OK I'm done wondering.... its pretty obvious its not a coincidence.

VERY disappointed in Wideners for not warning people about this. Theres no excuse for that, even if it was their card processing company. You have to imagine how many orders Wideners had in the time period, and just imagine how many people have probably contacted them about this.

Yet nothing sent out except their "deals" email.

Sent from my XT901 using Tapatalk

 

[toolness1]

Also, you would think they would realize loyal customers are going to be scared to do further business with them. I was planning on spending $240 on Friday with them but no way am I going to do that now...

They are going to lose business if they don't at least put out a courtesy email.

They could have put a small warning or alert on their deals email they sent out a couple days ago...

Sent from my XT901 using Tapatalk

 

[Sticky]

Thanks for the heads up... looks like I'll not order from them for a while....

 

[07g35xnick]

Also, you would think they would realize loyal customers are going to be scared to do further business with them. I was planning on spending $240 on Friday with them but no way am I going to do that now...

They are going to lose business if they don't at least put out a courtesy email.

They could have put a small warning or alert on their deals email they sent out a couple days ago...

Sent from my XT901 using Tapatalk

I agree. Thanks for starting this thread, I was going to place an order this week

 

[kenpo333]

We had a problem because of the Target problems. Had $900 charged in Mexico but they credit card company took care of that. Sorry to see you guys get caught with the same problem.

 

[toolness1]

You're welcome 07g. I feel bad and don't want to seem like I'm bashing Wideners but I really feel they are dropping the ball on this one... and I don't want anyone to have to go through the hassle if they can avoid it.

Sent from my XT901 using Tapatalk

 

[Daddyursus]

My vote is that Wideners gives out free Cz-82 to anyone that experienced hacking due to placing a recent order with them.
OK, so "some" people have described me as delutional at least once before

 

[Docster]

Was wondering where that $400 charge for eyeglasses from the Netherlands came from? Guess it could have been worse. Just had to cancel the card and now wait for a new one. No other fraudulent charges noted yet.

BTW, thanks for the heads-up!

 

[Machodoc]

My bank took care of the fraudulent charges, too. They caught the first one for about $3, and then denied the next attempt that was for over a hundred. They re-issued my card, and I had it in a few days. That part is an inconvenience, but it's been solved.

I just don't understand why Widener's doesn't do the intelligent thing for a business to do (and the right thing), and lay out to its customers what happened, and what they're doing to prevent it in the future. If it happened in-house, assure us that they found out who on their staff did it, and that they are prosecuting them. If it happened with a contracted processor, change processors and tell customers that you've done so ... but tell your customers what's going on!

I like Wideners, and have ordered from them so comfortably in the past that I even forgot that I'd made a recent purchase. I want to be able to order from them again, in the future, but if they don't care any more about my security than this, it's not going to happen.

 

[TapRackBang]

Definitely hacked

VERY disappointed in Wideners for not warning people about this.

I suspected they were hacked when I got a scam email to the email address I used exclusively with Wideners. I warned them on 03-12 that they'd been hacked, to which they replied "we'll look into it."

I use a unique email address with each entity requesting one. For wideners it was wideners20120503@mydomain.com, mydomain being my private domain name and the numbers being year, month, and day I gave it to them. I've since changed it.

All emails I receive to my domain go into one central inbox ("catch-all"). Using this method I know exactly who is selling my email address or has been hacked. When it happens, I can black-hole the address. If I still want to do business with them I give them a new unique address. Wash, rinse, repeat.

 

[toolness1]

That's a smart idea Tap...

I think that points to this being an in-house issue OR their own computers got hacked from the outside? Doesn't seem like you would have gotten the spam mail if it was only the processing company who had the security breach.

If some jack wagon criminals can do this and get away with it, just think of what the biggest criminals of all are doing (the Gub-Ment!)

Sent from my XT901 using Tapatalk

 

[TapRackBang]

I think that points to this being an in-house issue OR their own computers got hacked from the outside? Doesn't seem like you would have gotten the spam mail if it was only the processing company who had the security breach.

I think it was definitely internal and not the processor. Most likely they use Microsoft Windows to run their business and it got "pwned" by Russian or Eastern European hackers. Which any 5-year-old can do with about 5 minutes of instruction.

 

[Machodoc]

I suspected they were hacked when I got a scam email to the email address I used exclusively with Wideners. I warned them on 03-12 that they'd been hacked, to which they replied "we'll look into it."

I think it was definitely internal and not the processor. Most likely they use Microsoft Windows to run their business and it got "pwned" by Russian or Eastern European hackers. Which any 5-year-old can do with about 5 minutes of instruction.

Yep! The datapoint about an exclusive e-mail address being accessed sure does point to a vulnerability in their own system, and not an issue with their CC processor. Thanks for the intel.