Identity Theft and Nasbar?
#201
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
I ordered, before all this transpired, a large can of Finish Line dry-lube from Nashbar. Some time went by, then the box arrived. In it was a Vittoria 20 X 1 1/8 - 1 1/4" inner-tube. On the box was a Nashbar stock sticker: Finish Line Dry Lube it says.
I called them up and told them what happened. The woman said: "I don't know what they're doing in the warehouse." I told her it must be a lot of booze. She graciously allowed me to keep the inner-tube and promised to dispatch a can of the Finish Line. It took a month to arrive...
I'm still carrying that inner-tube around - looking for a bicycle that it would fit. No such luck. My plan is to give it away.
I called them up and told them what happened. The woman said: "I don't know what they're doing in the warehouse." I told her it must be a lot of booze. She graciously allowed me to keep the inner-tube and promised to dispatch a can of the Finish Line. It took a month to arrive...
I'm still carrying that inner-tube around - looking for a bicycle that it would fit. No such luck. My plan is to give it away.
#202
Senior Member
Join Date: Nov 2008
Location: Bay Area, Calif.
Posts: 7,239
Mentioned: 13 Post(s)
Tagged: 0 Thread(s)
Quoted: 659 Post(s)
Likes: 0
Liked 7 Times
in
6 Posts
I ordered, before all this transpired, a large can of Finish Line dry-lube from Nashbar. Some time went by, then the box arrived. In it was a Vittoria 20 X 1 1/8 - 1 1/4" inner-tube.
...
I'm still carrying that inner-tube around - looking for a bicycle that it would fit. No such luck. My plan is to give it away.
...
I'm still carrying that inner-tube around - looking for a bicycle that it would fit. No such luck. My plan is to give it away.
#203
Senior Member
Join Date: Aug 2006
Location: Boston
Posts: 548
Bikes: Jamis Coda Sport '06
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
#204
Senior Member
Join Date: Jul 2008
Location: Pittsburgh
Posts: 486
Bikes: Domane 5.9, Cannondale Super X, Dedaciai Nuerissimo.
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 5 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
#205
Membership Not Required
Join Date: Jan 2005
Location: On the road-USA
Posts: 16,855
Bikes: Giant Excursion, Raleigh Sports, Raleigh R.S.W. Compact, Motobecane? and about 20 more! OMG
Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 70 Post(s)
Likes: 0
Liked 15 Times
in
14 Posts
Aaron
__________________
Webshots is bailing out, if you find any of my posts with corrupt picture files and want to see them corrected please let me know. :(
ISO: A late 1980's Giant Iguana MTB frameset (or complete bike) 23" Red with yellow graphics.
"Cycling should be a way of life, not a hobby.
RIDE, YOU FOOL, RIDE!"_Nicodemus
"Steel: nearly a thousand years of metallurgical development
Aluminum: barely a hundred
Which one would you rather have under your butt at 30mph?"_krazygluon
Webshots is bailing out, if you find any of my posts with corrupt picture files and want to see them corrected please let me know. :(
ISO: A late 1980's Giant Iguana MTB frameset (or complete bike) 23" Red with yellow graphics.
"Cycling should be a way of life, not a hobby.
RIDE, YOU FOOL, RIDE!"_Nicodemus
"Steel: nearly a thousand years of metallurgical development
Aluminum: barely a hundred
Which one would you rather have under your butt at 30mph?"_krazygluon
#207
Your mom
Join Date: Aug 2006
Posts: 2,544
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Just got my letter. I'm pretty sure my info was nabbed twice through their system. Have ordered since then without compromised card. I'm glad they're finally owning up to it. I'll probably use the coupon and continue ordering from them, as they're the cheapest game around.
#208
Junior Member
Join Date: Aug 2008
Posts: 8
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
I got my letter today also. Back in Jan. someone got into my debt card and rang up $300 worth of stuff. In Dec. I ordered some sunglasses and a jersey from Nashbar. I saw this thread a month ago and put two and two together. Now with this letter, it confirms it.
#209
pedaler
Join Date: Jul 2008
Location: NYC
Posts: 255
Bikes: 2023 Brompton C Line Electric
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
I got my letter today. My guess is they're sending them out by state since my letter had state specific info about laws.
The letter was lame and much too late. Nashbar and Performance will never again get my business. They're 30% off discount is lame. They take no blame and the apology is on the very last line of the letter. The apology should have been the second line of the letter, the first being notification of the breach. And the letter should have been sent at least 3-4 months ago.
The Nashbar business model could be a case study in how not to handle a security breach.
Maybe I'll send Nashbar the ugly CZ ring I received because of their negligence.
The letter was lame and much too late. Nashbar and Performance will never again get my business. They're 30% off discount is lame. They take no blame and the apology is on the very last line of the letter. The apology should have been the second line of the letter, the first being notification of the breach. And the letter should have been sent at least 3-4 months ago.
The Nashbar business model could be a case study in how not to handle a security breach.
Maybe I'll send Nashbar the ugly CZ ring I received because of their negligence.
#210
Senior Member
Got my letter today, Ohio. WOW, I ordered something in Dec 2008 and got hit in March 2009. That's exactly when the letter said it happened. Why did they wait almost 4 months to let anyone know? That's outrageous to say the least. The discount code isn't worth it if they hack into my account again.
#211
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
Two reasons:
1. Nashbar, even if you specify NOT to retain your credit information, Nashbar keeps your credit information.
2. They did not patch the hole in their system. That we are still hearing of recent cases of ID-theft and credit-card charges - as recently as last week where I'm perched - the problem has not been solved and the customers are still getting robbed.
There are 2 reasons I can find. Conclusions is another matter. I have a warehouse-full of these. And they bode ill for Nashbar. After all this evidence, I find it hard to fathom why anyone is doing business with them. With the notable exception of identity-thieves.
1. Nashbar, even if you specify NOT to retain your credit information, Nashbar keeps your credit information.
2. They did not patch the hole in their system. That we are still hearing of recent cases of ID-theft and credit-card charges - as recently as last week where I'm perched - the problem has not been solved and the customers are still getting robbed.
There are 2 reasons I can find. Conclusions is another matter. I have a warehouse-full of these. And they bode ill for Nashbar. After all this evidence, I find it hard to fathom why anyone is doing business with them. With the notable exception of identity-thieves.
#212
Ti
Join Date: Aug 2008
Location: vancouver, wa
Posts: 295
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Got my letter today, Ohio. WOW, I ordered something in Dec 2008 and got hit in March 2009. That's exactly when the letter said it happened. Why did they wait almost 4 months to let anyone know? That's outrageous to say the least. The discount code isn't worth it if they hack into my account again.
Because they might not have known right away. Other big beaches such as "Hanafords" or "TJ MAX" wasn't known immediately. Given the issue/crime and knowing how banks/visa works, NB will be a locked down in no time. The lock down means better software/hardware, security procedures and external security measures (e.g. periodic audits on the network(s) for one) No biz can work with negative publicity like this. If they don't comply with the measures and this occurs again the fines imposed are outrageous.
I got over $500 charges on a new EXXON card I got that I had never used. In Florida of all places...I'm from PNW. How? Someone hired internally got CC# and sold them. Just watch your statements weekly.
Just my $.02
#213
Senior Member
. Given the issue/crime and knowing how banks/visa works, NB will be a locked down in no time. The lock down means better software/hardware, security procedures and external security measures (e.g. periodic audits on the network(s) for one) No biz can work with negative publicity like this. If they don't comply with the measures and this occurs again the fines imposed are outrageous.
OTH, why would any of us who were victimized, they nailed me, use the 30% off discount? We could just be nailed again.
#214
Senior Member
Join Date: Sep 2004
Location: Ville des Lumières
Posts: 1,045
Bikes: Surly SteamRoller
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 42 Post(s)
Likes: 0
Liked 53 Times
in
30 Posts
What is a lockdown? Does NB do it or are they locked down by someone else? I can't believe, like the post above said, that the problem isn't fixed yet. Not fixing a problem of that magnitude can shut you down just from the bad publicity.
OTH, why would any of us who were victimized, they nailed me, use the 30% off discount? We could just be nailed again.
OTH, why would any of us who were victimized, they nailed me, use the 30% off discount? We could just be nailed again.
Also, just because the problem is fixed doesn't mean the cards that were originally stolen are safe. I've had two cards compromised because of this. Back in May Amex detected fraud and two weeks ago BOA detected fraud on my Visa.
#217
Ti
Join Date: Aug 2008
Location: vancouver, wa
Posts: 295
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Tj max situation was complex having to do with the last line to the host processort. If folks are still getting hit due to nb its probably residual effects. There is no way that nb is still processing with the breach still in effect. The host processor and visa wouldn't allow it. It does cost the banks $$ to issue new cards. They wouldn't sit back and. Let nb continue on with a hack in place. Is your are interested in what's going on with electronic payments these days google.... "PCI electronic payments". These door have been open for years folks. Finally the networks are taking action....
#218
Great State of Varmint
Join Date: Sep 2008
Location: Dante's Third Ring
Posts: 7,476
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 2 Post(s)
Likes: 0
Liked 15 Times
in
15 Posts
I'm in Vermont, so they must be doing the 'V' ones. Or if they are sifting by last names - They are doing 'F' now. Which is what grade I'd attach to their pissy letter.
#219
Senior Member
Join Date: Dec 2007
Posts: 2,118
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Would someone who has received a letter please post it? Personal data removed of course.
From what I'm reading so far, it was Nashbar and Performance CC fulfillment company who got hacked, and they have moved to a new CC clearing company. The time it took them to notify seems long, but they have come up with an excuse. ( poor though it may be )
Personally, I will continue to buy from them if the price is right or it's something difficult to get elsewhere. Should say that it's been a long time since they had a current CC # from me.
For those that use the Money Order option, use a bank MO not postal, and make sure you mail it to the right address, it will save a lot of time.
From what I'm reading so far, it was Nashbar and Performance CC fulfillment company who got hacked, and they have moved to a new CC clearing company. The time it took them to notify seems long, but they have come up with an excuse. ( poor though it may be )
Personally, I will continue to buy from them if the price is right or it's something difficult to get elsewhere. Should say that it's been a long time since they had a current CC # from me.
For those that use the Money Order option, use a bank MO not postal, and make sure you mail it to the right address, it will save a lot of time.
#221
pedaler
Join Date: Jul 2008
Location: NYC
Posts: 255
Bikes: 2023 Brompton C Line Electric
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
I just received an email from <resolution-uk@amazonfraudcheck.com> for the Amazon.com account that was used fraudulently. Beware, this is a hazadarous email. If you get it, don't click on the links within it. Just delete it.
You probably only need to worry about this if the perpetrator created an Amazon.com account with your email address, which is what happened to me.
Just gotta say, Thank You Nashbar. You just keep on giving.
You probably only need to worry about this if the perpetrator created an Amazon.com account with your email address, which is what happened to me.
Just gotta say, Thank You Nashbar. You just keep on giving.
#222
Senior Member
Join Date: Dec 2007
Posts: 2,118
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
Likes: 0
Liked 1 Time
in
1 Post
Thanks Panthers007,
If you take that letter as factual, it would seem that the breach originally was not their fault, and when they were told it was not true, persisted with their own investigation. Now, I think there is a good possibility that they could have done more in the early stages, but i don't know if there is some legal restriction they were working under.
I am prepared to give them a pass, subject to increased vigilance. If the rest of don't, it's your money, your right to do what you feel is best for you.
If you take that letter as factual, it would seem that the breach originally was not their fault, and when they were told it was not true, persisted with their own investigation. Now, I think there is a good possibility that they could have done more in the early stages, but i don't know if there is some legal restriction they were working under.
I am prepared to give them a pass, subject to increased vigilance. If the rest of don't, it's your money, your right to do what you feel is best for you.
#223
Member
Join Date: Jun 2008
Posts: 43
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times
in
0 Posts
Because they might not have known right away. Other big beaches such as "Hanafords" or "TJ MAX" wasn't known immediately. Given the issue/crime and knowing how banks/visa works, NB will be a locked down in no time. The lock down means better software/hardware, security procedures and external security measures (e.g. periodic audits on the network(s) for one) No biz can work with negative publicity like this. If they don't comply with the measures and this occurs again the fines imposed are outrageous.
I got over $500 charges on a new EXXON card I got that I had never used. In Florida of all places...I'm from PNW. How? Someone hired internally got CC# and sold them. Just watch your statements weekly.
Just my $.02
I got over $500 charges on a new EXXON card I got that I had never used. In Florida of all places...I'm from PNW. How? Someone hired internally got CC# and sold them. Just watch your statements weekly.
Just my $.02
And then these corporate apologists will always blame the consumer for not checking their statements daily, weekly, hourly.... So if you were stung by Nashbar, it's really your fault - how dare you express your dissatisfaction with them in public and refuse to shop with them again!
#224
Guest
Posts: n/a
Mentioned: Post(s)
Tagged: Thread(s)
Quoted: Post(s)
Thanks Panthers007,
If you take that letter as factual, it would seem that the breach originally was not their fault, and when they were told it was not true, persisted with their own investigation. Now, I think there is a good possibility that they could have done more in the early stages, but i don't know if there is some legal restriction they were working under.
I am prepared to give them a pass, subject to increased vigilance. If the rest of don't, it's your money, your right to do what you feel is best for you.
If you take that letter as factual, it would seem that the breach originally was not their fault, and when they were told it was not true, persisted with their own investigation. Now, I think there is a good possibility that they could have done more in the early stages, but i don't know if there is some legal restriction they were working under.
I am prepared to give them a pass, subject to increased vigilance. If the rest of don't, it's your money, your right to do what you feel is best for you.
#225
Senior Member
Join Date: Nov 2008
Location: South Jersey
Posts: 1,959
Bikes: Too many Bicycles to list
Mentioned: 10 Post(s)
Tagged: 0 Thread(s)
Quoted: 90 Post(s)
Liked 137 Times
in
45 Posts
It wasn't until reading this thread that I had known where and how this happened and starting in Feb and ending in May I had theft into 4 of my CC's one being a debit that was only used once online and after checking it was at Nomoreofmycashbar.I haven't got a letter but did lately receive a sorry Email with nothing but free shipping offer. I had to open a police report before my bank would reverse any charges ( which they did ) all my CC's have been replaced but not my debit card yet and it's been 3 months and is a pain being without. I now must contact the police department and inform them about The NB security breach.