Cycling and bicycle discussion forums. 
   Click here to join our community Log in to access your Control Panel  


Go Back   > >

Touring Have a dream to ride a bike across your state, across the country, or around the world? Self-contained or fully supported? Trade ideas, adventures, and more in our bicycle touring forum.

User Tag List

Reply
 
Thread Tools Search this Thread
Old 07-28-09, 07:09 PM   #1
BNcycle
Member
Thread Starter
 
Join Date: Jul 2009
Bikes:
Posts: 46
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Nashbar Credit Card Fraud?

I just ordered about $150 worth of stuff from Nashbar, and I was pretty hesitant to hit the "Submit Order" button. Not sure if everyone is aware, but they've been having some pretty serious credit card issues. A lot of other forums on this site have threads detailing the issues. I wouldn't have used Nashbar, but I would've spent $75 more anywhere else. Has anyone else placed an order through Nashbar recently? I've seen a lot of complaints about fraudulent charges from purchases made 4-5 months ago, but I'm hoping (maybe naively) that they've been fixed by now?

This is probably a thread I should have posted before I submitted my order
BNcycle is offline   Reply With Quote
Old 07-28-09, 07:25 PM   #2
mangosalsa
Snapping chain = pain
 
mangosalsa's Avatar
 
Join Date: May 2008
Location: Hills-Vegas, NC
Bikes: 1987 Schwinn Traveler;1991 Bridgestone CB1;Rigid SS MTB
Posts: 246
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
As a long-time Nashbar customer, and as an ex-employee, I personally trust them. Like every other company that went to the net, they've had their issues. Nashbar has continued to impress me when there have been issues with anything (i.e., returns, warranties, credit card issues, etc.). Sure, Performance has owned them for many years, but Nashbar has stuck it out.

You can use a one-time card number from PayPal if you are unsure about clicking "submit" with another card. My card number (a PayPal Visa) was compromised but not used. I canceled and got another one. Just like I did when my credit union card was compromised. And yes, the issues have been fixed on their (Nashbar) end.
mangosalsa is offline   Reply With Quote
Old 07-28-09, 07:45 PM   #3
bktourer1
Senior Member
 
bktourer1's Avatar
 
Join Date: Dec 2007
Location: Western Ma.
Bikes: Diamondback "parkway" Spec. "expedition
Posts: 786
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I jusr got my letter explaining verything and a 30% discount on my next order.
Look for the letter in the mail
bktourer1 is offline   Reply With Quote
Old 07-28-09, 07:47 PM   #4
Talarspeed
Junior Member
 
Join Date: Dec 2008
Bikes:
Posts: 18
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I received my letter today from Nashbar. And I was one of the victims as a result of the stolen account information. My credit card linked to my checking account (debit Visa) was compromised back in late February (4 months ago). I was protected so nothing actually transpired even though some attempted fraudulent purchases were made. My bank issued me a new card. I have since ordered from Nashbar about $250 without incident.

I think it is odd that the letter just now showed up. It was very long and apologetic. I wish they would offer me a $1000 credit for my "grief and strife". LOL!
Talarspeed is online now   Reply With Quote
Old 07-28-09, 08:06 PM   #5
Louis
Senior Member
 
Join Date: Dec 2001
Bikes:
Posts: 4,866
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
My credit card was compromised early this year after making purchases from Nashbar. Also, my email was hijacked at about the same time. Changing my email address was a pain in the ass.

I got my letter from Nashbar last week with a juicy 30% discount coupon but I'm probably going to pass. Too bad...I'm an old customer. Hell, I used to drive over there and buy stuff from the catalog right over the counter. I'm gonna miss 'em.
Louis is offline   Reply With Quote
Old 07-28-09, 08:16 PM   #6
BengeBoy 
Senior Member
 
BengeBoy's Avatar
 
Join Date: Jul 2007
Location: Seattle, Washington, USA
Bikes: 2014 Pivot Mach 5.7 MTB, 2009 Chris Boedeker custom, 1988 Tommasini Prestige, 2007 Bill Davidson custom; 1988 Specialized Stumpjumper
Posts: 6,941
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mangosalsa View Post
Like every other company that went to the net, they've had their issues.
I just wanted to point out that this is not true.

Plenty - plenty! - of companies have been doing business on the web without experiencing the problems Nashbar has. And what I've read of Nashbar/Performance's handling of this security breach seems to be abysmal - it took them weeks and weeks and weeks to figure out the problem, and even longer to notify customers.

I used to be a Nashbar customer.
BengeBoy is offline   Reply With Quote
Old 07-28-09, 08:37 PM   #7
mangosalsa
Snapping chain = pain
 
mangosalsa's Avatar
 
Join Date: May 2008
Location: Hills-Vegas, NC
Bikes: 1987 Schwinn Traveler;1991 Bridgestone CB1;Rigid SS MTB
Posts: 246
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by BengeBoy View Post
I just wanted to point out that this is not true.

Plenty - plenty! - of companies have been doing business on the web without experiencing the problems Nashbar has. And what I've read of Nashbar/Performance's handling of this security breach seems to be abysmal - it took them weeks and weeks and weeks to figure out the problem, and even longer to notify customers.

I used to be a Nashbar customer.
Give me a break. Do you have any idea how tough it can be to find a leak or breach? It doesn't have to be outside criminals hacking into servers. It's usually some employee going through numbers or printing out a list of numbers. It can take months to trace the source of an information leak, especially to find out exactly what company had the leak in the first place. Trust me on this one, it takes 1 jack*** (usually disgruntled) to steal the info of 10,000's of customers. Usually those numbers are sold to, traded, or shared with others that start using them around the world.

Don't shop there if you don't want to, of course it's your choice, and I can't fault you for it at all.
People should be aware not to use any card for online purchases that are directly attached to their bank account.

Last edited by mangosalsa; 07-28-09 at 08:59 PM.
mangosalsa is offline   Reply With Quote
Old 07-28-09, 09:19 PM   #8
BengeBoy 
Senior Member
 
BengeBoy's Avatar
 
Join Date: Jul 2007
Location: Seattle, Washington, USA
Bikes: 2014 Pivot Mach 5.7 MTB, 2009 Chris Boedeker custom, 1988 Tommasini Prestige, 2007 Bill Davidson custom; 1988 Specialized Stumpjumper
Posts: 6,941
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mangosalsa View Post
Give me a break.
There are many, many companies who do business online who have not had the kinds of problems reported by Nashbar/Performance. Their security breach is large and was poorly handled.

I'm not saying they are worst people in the world, I'm just saying that saying that just because it happened to Nashbar doesn't mean it happens to all online merchants.
BengeBoy is offline   Reply With Quote
Old 07-28-09, 09:26 PM   #9
sstorkel
Senior Member
 
Join Date: Apr 2008
Bikes: Cervelo RS, Specialized Stumpjumper FSR Pro, Schwinn Typhoon, Nashbar touring, custom steel MTB
Posts: 5,424
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
Quote:
Originally Posted by mangosalsa View Post
Give me a break. Do you have any idea how tough it can be to find a leak or breach?
C'mon! Nashbar knew they had a problem back in February or March. They lost 150,000 credit card numbers, not one or two. Now, four months after fraudulent charges appear on my credit card, they're sending me a letter to let me know about it? I'm sorry, but that just smacks of monumental incompetence on their part...
sstorkel is offline   Reply With Quote
Old 07-29-09, 05:10 AM   #10
CCrew
Older than dirt
 
CCrew's Avatar
 
Join Date: May 2008
Location: Winchester, VA
Bikes: Too darn many.. latest count is 11
Posts: 5,343
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by mangosalsa View Post
Give me a break. Do you have any idea how tough it can be to find a leak or breach?
Quite easy if you know what you're doing. Sure you want to have this discussion?
CCrew is offline   Reply With Quote
Old 07-29-09, 06:54 AM   #11
mtclifford
Ceci n'est pas un vélo.
 
mtclifford's Avatar
 
Join Date: Apr 2009
Location: Morgantown, WV
Bikes: Trek 7.2 FX, Canondale Six Carbon 3
Posts: 333
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I don't blame Nashbar for having a leak, what I do blame them for is not coming clean. It was quite obvious they were having serious problems with their security for quite a while and it has only been in the past few weeks they have fessed up. I am sorry but that isn't the type of company I personally would chose to do business with. I got my little apology letter and coupon and it went straight into the trash. Sure I might spend a couple extra bucks elsewhere but my peace of mind has no price.
mtclifford is offline   Reply With Quote
Old 07-29-09, 08:06 AM   #12
mangosalsa
Snapping chain = pain
 
mangosalsa's Avatar
 
Join Date: May 2008
Location: Hills-Vegas, NC
Bikes: 1987 Schwinn Traveler;1991 Bridgestone CB1;Rigid SS MTB
Posts: 246
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Quote:
Originally Posted by CCrew View Post
Quite easy if you know what you're doing. Sure you want to have this discussion?
Sure.

I don't know why everyone is so offended by these statements. Let's just say that I've been doing security work for some time and I might have a different opinion on that particular subject. Whether it's NBar or anyone else, nothing can be 100% secure from the inside. Of course I never said that it happens to "all online merchants", because that wouldn't be true. But all online companies have to deal with managing security, inside and out ... that's what I meant. It's just much tougher to do these days with everyone being online. And as I also said, shop there, don't shop there, everyone has their own decisions to make freely and without any judgment from me.

As for the "late notice" ... I'm sure that had a lot to do with deciding who was to blame for the actual leak and which company (Nashbar, Performance, the banks) was going to take the responsibility ... not good for business, I agree.
mangosalsa is offline   Reply With Quote
Old 07-29-09, 06:30 PM   #13
Rogerinchrist
Senior Member
 
Rogerinchrist's Avatar
 
Join Date: Jul 2004
Location: Plymouth,WI
Bikes: TREK-520 & 830
Posts: 724
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
One can always use the catalog order forms & write a check.
Personally I pay cash whenever I can & don't use credit (dept) cards.
Rogerinchrist is offline   Reply With Quote
Old 07-30-09, 11:35 PM   #14
jkmartin
Senior Member
 
Join Date: Mar 2005
Bikes:
Posts: 167
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I had about $800 worth of fraudulent charges show up on what I now think was the Nashbar breach. Luckily I didn't get stuck with any of it. I've ordered from Nashbar since then. The last order was just an empty envelope. Nashbar replaced that order, but again the envelope arrived open. The orders came through separate shippers. Think I'm going to give someone else a try.
jkmartin is offline   Reply With Quote
Old 07-31-09, 03:18 PM   #15
Speedo
Senior Member
 
Speedo's Avatar
 
Join Date: Jun 2006
Location: Boston Area
Bikes: Univega Gran Turismo, Guerciotti, Bridgestone MB2, Bike Friday New World Tourist, Serotta Ti
Posts: 1,998
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Hmmm. Back in June I saw some of the chatter about security troubles at Nashbar. I wrote them and e-mail and asked about paying with Pay Pal. A customer service person wrote back and said that they don't accept Pay Pal, and "as far as I know Bike Nashbar is a secure site". I was a little underwhelmed by that endorsement, so I shopped elsewhere.

Speedo
Speedo is offline   Reply With Quote
Old 07-31-09, 04:19 PM   #16
travelmama
Senior Member
 
travelmama's Avatar
 
Join Date: Jan 2008
Location: Long Beach,CA
Bikes: Kona Ute, Nishiki 4130, Trek 7000, K2 Mach 1.0, Novara Randonee, Schwinn Loop, K2 Zed 1.0, Schwinn Cream, Torker Boardwalk
Posts: 1,410
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Hmmm, sure that Nashbar had some security issues but that will not stop me from shopping with them. Thanks to the coupon, the Brooks saddle is on. Years ago someone hijacked my number online to buy some crappy clothing in England. Just the other night it happened again with Apple products. I just got another card the next day. I can't be mad at any store in particular. As much as I hate thieves, I give credit to the crooks that know what they are doing.
travelmama is offline   Reply With Quote
Old 08-02-09, 07:41 AM   #17
mooncricket
Senior Member
 
Join Date: Nov 2004
Bikes:
Posts: 290
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
I too did not appreciate a "compromised" notice 4 months after the event. I was traveling abroad and it cost me a huge amount of headaches. I've been a Nashbar customer for many years, but this one incident pretty much wiped any "savings" I've had thru buying from them.

So, not going to buy anything from them unless I absolutely have no other choice. I hate mail order anyway.
mooncricket is offline   Reply With Quote
Old 08-02-09, 08:39 AM   #18
Bacciagalupe
Professional Fuss-Budget
 
Bacciagalupe's Avatar
 
Join Date: Aug 2005
Bikes:
Posts: 6,438
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
This kind of thing happens all the time, and it isn't just limited to online purchases.

Your CC number can be grabbed at almost any stage, including the point of sale. Often it's the credit card processor who gets hit, with much wider consequences, e.g. in 2005 one hack nabbed 40 million credit card numbers. One of the biggest CC thefts was from TJ Maxx and related clothing stores, for a total of 45 million CC numbers in 2003-2004.

I.e. it is illogical to specifically avoid Nashbar, since credit card fraud could happen at almost any time from almost any vendor, online or offline.
Bacciagalupe is offline   Reply With Quote
Old 08-02-09, 08:58 AM   #19
Wanderer
aka Phil Jungels
 
Wanderer's Avatar
 
Join Date: Apr 2005
Location: North Aurora, IL
Bikes: 08 Specialized Crosstrail Sport, 05 Sirrus Comp
Posts: 7,552
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Mine was one of the CC's that was compromised, and the only inconvenience was waiting a few days for the new card.

MY CC company discovered the problem, and cancelled and fixed right away.

I just wish they would have included free shipping with the 30% offer - and I might have used it. Their shipping is attrociously high, and really turns me off!

They really didn't offer much for the problem they caused, which basically ammounted to a decent sale price on their stuff.

Too bad, too, because they usually have decent prices on stuff I don't really need!
Wanderer is offline   Reply With Quote
Old 08-02-09, 12:27 PM   #20
sstorkel
Senior Member
 
Join Date: Apr 2008
Bikes: Cervelo RS, Specialized Stumpjumper FSR Pro, Schwinn Typhoon, Nashbar touring, custom steel MTB
Posts: 5,424
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
Quote:
Originally Posted by Bacciagalupe View Post
I.e. it is illogical to specifically avoid Nashbar, since credit card fraud could happen at almost any time from almost any vendor, online or offline.
Right. And most vendors would notify their customers as soon as they knew they had a problem, rather than trying to sweep the problem under the rug for four months. The breach on my card happened well after they knew they might have a problem. Why not notify me pro-actively as soon as there's a sign of trouble, rather than letting me get ripped off? I understand that credit card fraud can happy to anyone and any company. Based on the way Nashbar handled their problem, I can only conclude that they are too stupid to be trusted with my credit card number in the future...
sstorkel is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -6. The time now is 08:39 PM.