Results 1 to 8 of 8
Like Tree4Likes
  • 1 Post By Store Team
  • 1 Post By Store Team
  • 1 Post By RumoredNow
  • 1 Post By RumoredNow
  1. Store Team's Avatar
    Posts
    0 Posts
    Global Posts
    62 Global Posts
       #1  
    On July 12th, Smartphone Experts discovered suspicious activity on a system used to process credit card payments for orders made through our online stores. This system powers accessory stores for several websites, including the webOS Nation store.

    We immediately implemented measures to prevent any further unauthorized access, and engaged a leading computer security firm to investigate and provide recommendations for additional security measures.

    The security firm completed its investigation on August 5th 2013 and found evidence that although credit card information is encrypted when it is stored, the hacker may have had the technical ability to use a decryption feature of the system to view some customer’s credit card information.

    Over the next few days we will be notifying all individuals via mail or email whose information may have been affected so they can take steps to protect their cards from any potential fraudulent charges. We have provided all relevant information about this incident to the credit card companies so they can take steps to protect their cardholders. We are also working with law enforcement.

    We are committed to maintaining the security of any and all personal information in our system and are taking this matter seriously. We have implemented additional security measures in order to prevent an event like this from occurring in the future.

    We will provide support via this forum thread, but for any individual concerns please don’t hesitate to email us at support@smartphoneexperts.com or call us at ( 888 ) 599-8998, option 2.
    Last edited by Store Team; 08/06/2013 at 08:59 PM. Reason: Correcting spacing in phone number.
    Remy X likes this.
  2. #2  
    How long has this been a problem?

    My mother's debit card was replaced by the bank after an unauthorized purchase was blocked, I think only a few days after she bought an item here. Could be a simple coincidence (hopefully), because the bank said that someone made a fake card and ran it as credit, at an actual store, in the same county where we live...
  3. Store Team's Avatar
    Posts
    0 Posts
    Global Posts
    62 Global Posts
       #3  
    Quote Originally Posted by Remy X View Post

    My mother's debit card was replaced by the bank after an unauthorized purchase was blocked, I think only a few days after she bought an item here. Could be a simple coincidence (hopefully), because the bank said that someone made a fake card and ran it as credit, at an actual store, in the same county where we live...
    If you call our support team (888) 599-8998 option 2 tomorrow with your mother's name and billing address, they will be able tell you if your mother's card was at-risk.
    Remy X likes this.
  4. #4  
    Quote Originally Posted by Store Team View Post
    If you call our support team (888) 599-8998 option 2 tomorrow with your mother's name and billing address, they will be able tell you if your mother's card was at-risk.
    Thanks

    By the way, that was late last year (forgot to mention). I'm just wondering how long it took to detect the invasion. If it all took place in July, then our case is unrelated. If the intruders spent 6 months in the system, then it might be. Otherwise, there's no risk for us since that particular card number has been dead for over six months.
  5. #5  
    Quote Originally Posted by Store Team View Post
    ...We have provided all relevant information about this incident to the credit card companies so they can take steps to protect their cardholders. We are also working with law enforcement...

    Thank you for these two additional steps. Many times merchants hesitate to make such notifications, fearing negative publicity. This allows the fraudsters to cycle through their cache of stolen card identities at leisure, maximizing their "take" from the system intrusion and affecting card holders for many, many months afterward...

    With notification to the credit card issuers, expect a mass reissue on all card numbers affected. If you've done business with a Smartphone Experts powered site, watch your email (including junk/spam folders) for a contact from your bank. Your card will most likely be replaced within one month.
    Lumia 1520.3 (the Beastly Unicorn): Windows 10 Mobile

    Windows Central Senior Ambassador

    Mobile Nations Devotee
    Remy X likes this.
  6. #6  
    And it only took you one month to notify us? Or you just realized? In either case it is totally and utterly wrong! What kind of business are you running? One where you do not care for customers obviously! otherwise this wouldn't have happens. You know when I am going to buy anything from you again? Never! Do yo know when I am going to recommend your site again? Never.
  7. #7  
    Quote Originally Posted by juanpaito View Post
    And it only took you one month to notify us? Or you just realized? In either case it is totally and utterly wrong! What kind of business are you running? One where you do not care for customers obviously! otherwise this wouldn't have happens. You know when I am going to buy anything from you again? Never! Do yo know when I am going to recommend your site again? Never.
    Calm down buddy. It could have been waaaay worse....
  8. #8  
    Quote Originally Posted by juanpaito View Post
    And it only took you one month to notify us? Or you just realized? In either case it is totally and utterly wrong! What kind of business are you running? One where you do not care for customers obviously! otherwise this wouldn't have happens. You know when I am going to buy anything from you again? Never! Do yo know when I am going to recommend your site again? Never.
    As the OP said, they took immediate measures to secure their systems... Then the investigative phase took place. Then notification of the card issuers (AmEx, MC, Visa, etc.)

    Very little happens overnight. July 12 to Aug 6th notification to POTENTIALLY affected card holders is reasonable.

    System intrusions to obtain payment details is on the rise. It's happening every day. Not all merchants act as responsibly as Smartphone Experts appears to be treating this. They have followed the correct path in a very timely manner if the OP is correct on the timeline.

    Means to obtaining card information are many, chances are your card has been probed and your bank never notified you of the fact if the probe was unsuccessful. Most often your printed statement or online report does not include any transactions rejected at the point of sale, reversed by the merchant's system or adjusted out by your bank's security computers. Things that are a zero balance simply are not shown. That way most of us don't panic at seeing what goes on behind the scenes () and the bank saves server space...

    If you are concerned at any time that your card information has been compromised you can call your bank and ask for a new card number, review transactions, find out their reimbursement policy in case of fraud and find out what systems they have in place to help you protect yourself.


    YOU have to play a part in your own security!!!!! You are an adult and it is your money (ATM Debit Card) or line of credit (Credit Card) so you do have some responsibility in monitoring and maintaining the account(s). Try as they do, remember your bank is monitoring EVERY account and yours is one of many. Mistakes can and do happen. Unauthorized activity does get through unflagged. No one knows your transactions better than you. Check your account regularly. Set up alerts for your card's activities. I get a text from my bank anytime a transaction occurs online, a text whenever a transaction is $50 or greater, a text of my balance summary on each account once a week, a text when the balance on my account falls below $50 and a text of the balance after every transaction thereafter...

    I recently had a merchant pull $178.00 out of my checking account. They wanted an annual renewal and simply took it out of the last payment method on file. I never authorized that; thankfully my preset alert conditions notified me. I called the merchant and insisted that they remove their hold on the pending amount. The merchant did so and the money was immediately back in my account.


    Merchants SHOULD act responsibly and be forthcoming when security breaches occur. Many are not. There is a grocery store chain in the mid-west that has been compromised more than once. It is an ongoing story in the press... For some customers of their stores, the banks have had to replace multiple cards (credit and or atm/debit) multiple times. Their notifications have been slow - maybe even their recognition of what is happening. Their corrective methods proved insufficient more than once - either they failed in securing the systems or failed to recognize the scope and nature of the intrusion. It's a major debacle.


    From what I read in the OP it sounds as if Smartphone Experts did what was necessary and in a timely manner. Note the hiring of the security team to investigate and advise. A smart move and better than relying on in-house tech which is what obviously failed. It takes time to access the extent of a breach, gather the card numbers potentially affected and contact the card issuers with those numbers. Note that the original data is encrypted and the intruder may or may not be able to decrypt, yet Smartphone Experts still are gracious enough to notify the card issuers and the card holders. Additionally they have made public statements such as the post you are reacting to.

    Panicking and pointing the finger of blame does nothing to address the root problem. Criminal intent. It strikes where it will and sometimes it succeeds. Smartphone Experts are not to be blamed for what a criminal did. They are to be commended for attempting to make it right as swiftly as can be done while still proceeding methodically to ensure all necessary information is gathered and counter measures enacted.
    Lumia 1520.3 (the Beastly Unicorn): Windows 10 Mobile

    Windows Central Senior Ambassador

    Mobile Nations Devotee
    Remy X likes this.

Similar Threads

  1. Smartphone Experts Connect
    By sketch42 in forum webOSNation.com - Site News, Feedback & Help
    Replies: 5
    Last Post: 10/21/2010, 08:47 PM
  2. Smartphone Experts P7 Pouch?
    By IsLNdbOi in forum Palm OS Devices & Apps
    Replies: 1
    Last Post: 05/26/2006, 12:03 PM
  3. Replies: 0
    Last Post: 01/24/2006, 08:32 PM

Posting Permissions