SF Cyclotouring

Ride reports and other ramblings from a San Francisco cyclist.

7/27/2009

Bike Nashbar - FAIL!

Today I received Nashbar's letter, informing me of their data theft and the potential compromise of my personal and credit-card info.

This, of course, is by now old news. I'd heard about this issue over a month ago both on the iBOB list, and on various bike blogs I follow.

The letter states that "while the attack was confirmed on May 18, 2009, it appears that the unauthorized access began in December 2008."

So why am I only receiving their letter NOW, 3+ months after the problem occurred?!? That is unconscionable!

MEH! They just lost a long-time customer.

2 Comments:

Blogger rob hawks said...

Jim,

I've been paying only partial attention to this story. I'm a customer of Nashbar, but I don't think I saved my CC info in my account with them, keying it in each time I order instead. Do you know if that makes a difference as regards the risk?

9:43 AM  
Blogger Jim G said...

Rob, I would think that not storing your user info in a Nashbar account should make a difference, but I'm not sure. I've read that Nashbar is sending out letters to all of their affected customers, so if you don't receive one, there is probably less concern. I'd still keep an eye on your account balances, just in case, and it probably wouldn't hurt to contact them to ask to make certain.

My CC info was compromised earlier this summer and I saw fraudulent charges on my statement. I've since canceled that card and gotten another -- at the time, I didn't link that issue to the Nashbar hack, but the timeline is right. I also later discovered that someone used my identity to create a fake Ebay account, with which they attempted to defraud Ebay bidders through a bogus auction. I only found out about that one after a letter from a collection agency appeared in my mailbox, declaring past-due Ebay charges! And on top of that, I had to do my OWN detective work to figure out what had happened -- Ebay was less than thorough in that regard.

Overall, I am VERY wary of using my CC info online now!

10:59 AM  

Post a Comment

<< Home