Identity Theft and Nasbar?
#51
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
I'm provoking another theft to be sure it's Nashbar - then I'll go after them tooth & nail. But here is part of what I received after placing my invitation to prove Nashbar doesn't give a flying f***.
Thank you for your recent order with Nashbar.
Please contact our customer service department if you have any problems with this order. We can be reached at or by phone at 1-877-688-8600.
Please keep this copy of your order for your records.
Order Confirmation Number: 4000182841
Order Placed on: 3/31/09 5:06 AM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~
Thank you for your recent order with Nashbar.
Please contact our customer service department if you have any problems with this order. We can be reached at or by phone at 1-877-688-8600.
Please keep this copy of your order for your records.
Order Confirmation Number: 4000182841
Order Placed on: 3/31/09 5:06 AM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~
#52
Senior Member
Join Date: Dec 2008
Location: Athens, IL
Posts: 155
Bikes: Vision VR40 LWB
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
Never trust a jolly fat man in a red velvet, fur trimmed suit!
#53
Full Member
One of the credit card clearinghouses admitted they were hacked and had data stolen in January. I think they announced this news on Jan 20th, so that it wouldn't get much notice. My husband and I have had 3 credit cards compromised since Dec 25th. My bank's fraud detection department is awesome - 2 credit cards were with them, they took care of any disputed charges, and they notified us promptly about suspicious activity.
https://www.itworld.com/security/6329...ter-data-theft
quotes from that story:
"Merchants at about 250,000 locations, including retail stores, gas stations and hotels, use Heartland's services. Heartland does not know how long the hackers were able to steal credit card information or how many cards were affected. In recent months at least three credit-card processing companies, including Heartland, have been the victims of sophisticated criminal attacks resulting in millions of compromised payment cards. One of the other card processors, RBS WorldPay, lost data on 1.5 million customers. A third hack, at an unnamed payment processor, was disclosed last week."
https://www.itworld.com/security/6329...ter-data-theft
quotes from that story:
"Merchants at about 250,000 locations, including retail stores, gas stations and hotels, use Heartland's services. Heartland does not know how long the hackers were able to steal credit card information or how many cards were affected. In recent months at least three credit-card processing companies, including Heartland, have been the victims of sophisticated criminal attacks resulting in millions of compromised payment cards. One of the other card processors, RBS WorldPay, lost data on 1.5 million customers. A third hack, at an unnamed payment processor, was disclosed last week."
#54
Lost in Los Angeles
Join Date: May 2006
Location: Los Angeles, CA
Posts: 363
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
I regularly have friends, clients, co workers, etc that blame a certain website or service for their identity theft. Though it is possible that nashbar has had a breach there are also many other factors to think of. First I ask them if they use wireless internet. If so do they have it encrypted? Even if the wifi is encrypted someone with a laptop, a little bit of time, and the know how (it's not that hard) can crack your encryption keys and take every single bit of data transferred on your network. In my opinion the most common place that identify theft takes pare is on home and public wireless hotspots. There is a lot of information out there on google if you want to look in to it more. For all of you that have had ID theft take place and do regularly use wifi then take some time to study better methods of security and ways to identify intruders. In this day in age someone can just drive by your house and steal all your information if you don't protect it.
#55
CAT4
Join Date: Jun 2007
Location: Omaha, Nebraska
Posts: 1,681
Bikes: 2009 Cervélo S1, 2009 Felt F75, 2010 Cannondale Synapse Carbon 5, 2011 Cannondale CAADx, 2011 Specialized Transition Elite
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
I would say there are too many people chiming in for it to be a coincidence. I do business with very few online vendors. I have never had a single issue online ever, then I did business with Nashbar and my card gets compromised. Hmmm. Whether or not Nashbar is to blame remains to be seen, but I can tell you with 100% confidence that I will no longer be doing business with them. I will be paying a little extra from now on at my LBS with more peace of mind.
#56
cyclepath
Join Date: Sep 2005
Location: "The Last Best Place"
Posts: 3,550
Bikes: 2005 Trek Pilot 5.0, 2001 Specialized Sirrus Pro, Kona Lava Dome, Raleigh hardtail converted to commuter, 87 Takara steel road bike, 2008 Trek Soho
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
I just received an order from Nashbar with no problem at all. I would guess those having trouble are a small percentage of their total business. That doesn't mean of course that I wouldn't be careful how I did business with them.
__________________
--------------------------------------------------------------------------------------------
"Without music, life would be a mistake."
-- Friedrich Nietzsche
--------------------------------------------------------------------------------------------
"Without music, life would be a mistake."
-- Friedrich Nietzsche
Last edited by daredevil; 04-03-09 at 02:09 PM.
#57
Senior Member
Join Date: Aug 2007
Location: St. Louis, MO
Posts: 263
Bikes: Steelman road bike, '81 Schwinn Le Tour single speed,
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
Well, FWIW, I had my card info stolen last month and the guy was buying airline tickets all over europe. It was a big pain to deal with, but I did get everything back finally. I have purchased through nashbar as well, and many other online retailers. No clue who is responsible, but it wasn't fun.
#58
ChooseVeg.com
Join Date: Mar 2007
Location: Portland, OR
Posts: 74
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
Same thing happened to me a week or two ago on a card that I have pretty much only used for Nashbar and groceries at a local store.
#59
Junior Member
Join Date: Jul 2008
Location: Seattle
Posts: 15
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
I'm another person here who had used my credit card online with Performance and Nashbar (I bet most of us have), and I use a separate card just for online purchases, and last week I got a call from my credit card company with the fraudulent similarly described iTunes and VOIP charges, glad the credit card risk analysis system caught it and called me within 2 days of the charge (even though the total was <$20), and took care of it by closing the account and issuing a new one.
I bet it was these same bad guys and the Heartland compromise, although it sounds like iTunes needs a better system to authenticate their cards, the bad guys usually pick consistent places to use for the fraud that are least likely to catch them before they get the payout.
--John
I bet it was these same bad guys and the Heartland compromise, although it sounds like iTunes needs a better system to authenticate their cards, the bad guys usually pick consistent places to use for the fraud that are least likely to catch them before they get the payout.
--John
#60
Sputnik - beep beep beep
Join Date: Oct 2008
Location: Louisville KY
Posts: 481
Bikes: '12 Jamis Coda Elite '09 Jamis Sputnik, '07 Jamis Eclipse, '13 Brompton M6R.
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Stolen card #'s can languish for a while before being used. I was hit for $1600 worth of DisneyWorld tickets on my corporate Amex card and I hadn't used the card at all for the previous TWO YEARS!
#61
Senior Member
I made a purchase from Nashbar last month and 2 weeks ago I got a call from the credit card company. Someone tried to use my card to buy I-Tunes (only $1) and then a ticket on Easyjet. Like most of you Nashbar is not the only establishment I've used that card for online purchases, but we are seeing a pattern, aren't we . . .
#62
Senior Member
Join Date: Mar 2009
Location: Massachusetts
Posts: 93
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
On the one hand, the banks do so much pattern analysis these days that I find it difficult to believe that they wouldn't detect a rash of thefts that all have a single online store in common. Perhaps the number of incidents involving this store is too small to trigger the banks' or credit card agencies' fraud systems, or else, as others have suggested, the problem is really with their processor.
On the other hand, a quick trip to their site leaves me unimpressed with their security. The checkout pages produce the "not all content is encrypted" message. Strictly speaking, that's not necessarily a problem. There's no technical reason to encrypt their logo image, for example. But it's a sign that they (or their web designer) didn't really care about doing a thorough job.
On the other hand, a quick trip to their site leaves me unimpressed with their security. The checkout pages produce the "not all content is encrypted" message. Strictly speaking, that's not necessarily a problem. There's no technical reason to encrypt their logo image, for example. But it's a sign that they (or their web designer) didn't really care about doing a thorough job.
#63
Guest
Posts: n/a
Mentioned: Post(s)
Tagged: Thread(s)
Quoted: Post(s)
On the one hand, the banks do so much pattern analysis these days that I find it difficult to believe that they wouldn't detect a rash of thefts that all have a single online store in common. Perhaps the number of incidents involving this store is too small to trigger the banks' or credit card agencies' fraud systems, or else, as others have suggested, the problem is really with their processor.
On the other hand, a quick trip to their site leaves me unimpressed with their security. The checkout pages produce the "not all content is encrypted" message. Strictly speaking, that's not necessarily a problem. There's no technical reason to encrypt their logo image, for example. But it's a sign that they (or their web designer) didn't really care about doing a thorough job.
On the other hand, a quick trip to their site leaves me unimpressed with their security. The checkout pages produce the "not all content is encrypted" message. Strictly speaking, that's not necessarily a problem. There's no technical reason to encrypt their logo image, for example. But it's a sign that they (or their web designer) didn't really care about doing a thorough job.
#64
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
I just received a form to fill out from my bank's fraud division. And a post-paid return envelope. I filled the form out, and it's on it's way back to the bank.
We shall see...
We shall see...
#65
pedaler
Join Date: Jul 2008
Location: NYC
Posts: 255
Bikes: 2023 Brompton C Line Electric
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Two of my credit card #s were stolen. The only two places I used both CCs were Nashbar and Niagara. I will no longer be doing business with either place.
Received some ugly ring in the mail today that was purchased by the thief. Supposedly I can expect an ugly piece of jewelry each month. The thief also purchased "How to make money on the internet" from Google, which is a monthly charge. Looks to me like the thief knows how to make money on the 'net.
I've been doing a lot more business with my LBS. I did one purchase with Performance and I'll be watching the new credit card to see if any fraud shows up on it. I've only used it at Performance, no where else.
Received some ugly ring in the mail today that was purchased by the thief. Supposedly I can expect an ugly piece of jewelry each month. The thief also purchased "How to make money on the internet" from Google, which is a monthly charge. Looks to me like the thief knows how to make money on the 'net.
I've been doing a lot more business with my LBS. I did one purchase with Performance and I'll be watching the new credit card to see if any fraud shows up on it. I've only used it at Performance, no where else.
#66
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
You're the only one here who has mentioned Niagara - whereas the name 'Nashbar' has been the common thread throughout this. Including my case. Unless you're like me and enjoy setting traps, I'd avoid Nashbar but not Niagara Cycle Works. They have great stuff and cool prices. And since one of the owners came in when we were all complaining about how long it takes for them to ship, they are now delivering pretty much quickly. At least in my, and a few others who mentioned this, case.
If in your shoes, I'd mention 'Nashbar' to the banks that issued your stolen cards. I sure did.
If in your shoes, I'd mention 'Nashbar' to the banks that issued your stolen cards. I sure did.
#67
pedaler
Join Date: Jul 2008
Location: NYC
Posts: 255
Bikes: 2023 Brompton C Line Electric
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
I'd be very happy to believe Niagara wasn't the source of the fraud. I liked them. I'll give them another chance, but Nashbar is dead to me especially since it seems to be the thief.
Anyone report to Nashbar their suspicions?
Anyone report to Nashbar their suspicions?
#68
Membership Not Required
Join Date: Jan 2005
Location: On the road-USA
Posts: 16,855
Bikes: Giant Excursion, Raleigh Sports, Raleigh R.S.W. Compact, Motobecane? and about 20 more! OMG
Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 70 Post(s)
Likes: 0
Liked 15 Times
in
14 Posts
I had a card number skimmed too. Nashbar was the ONLY place it was used. The thief signed me up for Netflix Only reason I used that card was because my other two were dead in the water waiting on replacements, because they had been implicated in the Heartland massacre. So far this year I have had a total of 5 replacement cards. My company credit card has been compromised twice in 3 months. I suspect it is about time to go back to a cash only basis.
Aaron
Aaron
__________________
Webshots is bailing out, if you find any of my posts with corrupt picture files and want to see them corrected please let me know. :(
ISO: A late 1980's Giant Iguana MTB frameset (or complete bike) 23" Red with yellow graphics.
"Cycling should be a way of life, not a hobby.
RIDE, YOU FOOL, RIDE!"_Nicodemus
"Steel: nearly a thousand years of metallurgical development
Aluminum: barely a hundred
Which one would you rather have under your butt at 30mph?"_krazygluon
Webshots is bailing out, if you find any of my posts with corrupt picture files and want to see them corrected please let me know. :(
ISO: A late 1980's Giant Iguana MTB frameset (or complete bike) 23" Red with yellow graphics.
"Cycling should be a way of life, not a hobby.
RIDE, YOU FOOL, RIDE!"_Nicodemus
"Steel: nearly a thousand years of metallurgical development
Aluminum: barely a hundred
Which one would you rather have under your butt at 30mph?"_krazygluon
#69
Uber Goober
We're in the middle of trying to get stuff straighted out- apparently have a number of $1 purchases on the card, plus who knows what else. Wife bought stuff at Nashbar before Christmas, just now having stuff show up, so who knows if that's related.
__________________
"be careful this rando stuff is addictive and dan's the 'pusher'."
"be careful this rando stuff is addictive and dan's the 'pusher'."
#70
Senior Member
Join Date: Jul 2008
Location: Kansas City, MO
Posts: 195
Bikes: Surly. 4 of them.
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
OK, yeah, I had that happen too.
They were the *only* thing I bought on that card.
The companies where my card had been used fraudulently all had my cell number, which I only gave to nashbar.
Since then, my card was used to purchase minutes on a shady skype-type service out of Germany, a NetFlix account, and some kind of grant place.
I'll not be dealing with Nashbar until they start doing paypal.
They were the *only* thing I bought on that card.
The companies where my card had been used fraudulently all had my cell number, which I only gave to nashbar.
Since then, my card was used to purchase minutes on a shady skype-type service out of Germany, a NetFlix account, and some kind of grant place.
I'll not be dealing with Nashbar until they start doing paypal.
#71
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
Perhaps we should circulate a Won't Shop Nashbar petition on this site - with permission from the admins - and notify Nashbar of it's existence. Then hit 'em with it.
Secure Your Servers - Or Goodbye!
Secure Your Servers - Or Goodbye!
#72
pedaler
Join Date: Jul 2008
Location: NYC
Posts: 255
Bikes: 2023 Brompton C Line Electric
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
The question I have is how do we notify Nashbar? How do we get to the top, over the heads of the thieves? I'm afraid that if I contact customer service I'll be writing to the thief.
It's already Goodbye to Nashbar from me. I shall never purchase from them again no matter how good of deals might be had. And for that matter, I've bought my last bike part from Nashbar's cousin, Performance. There are plenty of other good, legit and fraud-free bike shops in cyberspace.
And my LBS seems happy to be getting so much more of my business. I've been having them order for me lately, instead of placing my orders online. Costs a bit more but I can afford to support my local bike shop.
But by all means, circulate a petition to boycott Nashbar. I'll sign it.
It's already Goodbye to Nashbar from me. I shall never purchase from them again no matter how good of deals might be had. And for that matter, I've bought my last bike part from Nashbar's cousin, Performance. There are plenty of other good, legit and fraud-free bike shops in cyberspace.
And my LBS seems happy to be getting so much more of my business. I've been having them order for me lately, instead of placing my orders online. Costs a bit more but I can afford to support my local bike shop.
But by all means, circulate a petition to boycott Nashbar. I'll sign it.
#73
surly old man
Join Date: Sep 2006
Location: Carlisle, PA
Posts: 3,392
Bikes: IRO Mark V, Karate Monkey half fat, Trek 620 IGH, Cannondale 26/24 MTB, Amp Research B3, and more.
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 46 Post(s)
Likes: 0
Liked 42 Times
in
18 Posts
Is it possible that people at Nashbar are not aware of this thread? Sure would be nice of them to address it. Like owners or reps from Schwalbe, IRO, Niagra and others have done here on BF in the last few years. Seems like a good business would keep tabs on their customers' culture.
jim
jim
__________________
Cross Check Nexus7, IRO Mark V, Trek 620 Nexus7, Karate Monkey half fat, IRO Model 19 fixed, Amp Research B3, Surly 1x1 half fat fixed, and more...
--------------------------
SB forever
Cross Check Nexus7, IRO Mark V, Trek 620 Nexus7, Karate Monkey half fat, IRO Model 19 fixed, Amp Research B3, Surly 1x1 half fat fixed, and more...
--------------------------
SB forever
#74
Senior Member
Join Date: Jul 2008
Location: Kansas City, MO
Posts: 195
Bikes: Surly. 4 of them.
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
Yeah, it's not rocket science. It does take some planning and following guidelines, but it's not rocket science. This isn't unique and uncharted territory, it's something that happens millions of times a day that's getting screwed up.
#75
Senior Member
Join Date: Jul 2008
Location: MN
Posts: 57
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
If youre reading this and not sure of your account....i say call your CC and verify acitivity
I purchased from NASHBAR a week ago on the 72 hr sale...didnt use my card before then for about a month and THERE ARE fraudulant charges on there.
I aint blaming Nashbar cuz who really knows...
My CC account is now closed.
Someone else can get their Skype, Acme and whateverelse crap they bought off some other sucker.
I purchased from NASHBAR a week ago on the 72 hr sale...didnt use my card before then for about a month and THERE ARE fraudulant charges on there.
I aint blaming Nashbar cuz who really knows...
My CC account is now closed.
Someone else can get their Skype, Acme and whateverelse crap they bought off some other sucker.