Our City Online

Messageboard - Q&A

NOTE: You are viewing an archived version of the Columbus Underground forums/messageboard. As of 05/22/16 they have been closed to new comments and replies, but will remain accessible for archived searches and reference. For more information CLICK HERE

Has your debit card number been stolen recently?

Home Forums General Columbus Discussion Q&A Has your debit card number been stolen recently?

  • This topic is empty.
Viewing 15 posts - 106 through 120 (of 276 total)
  • Author
    Posts
  • #316313

    Tigertree
    Member

    Someone should really do an art project with all of these old cards.

    #316314

    paktinat
    Member

    A few years ago the best buy at tuttle had set up auxiliary cashier stand to help alleviate the holiday rush. a computer security guy (who told me this story at a speech I attended) discovered that these cashier stands were sending CC info to the store payment processing system via an un-encrypted wireless network.

    If he was malicious he would have just kept all those card numbers for himself instead of telling the store.(when they did nothing he called news stations)

    stupid security mistakes happen all the time. Just because a specific store lost your info doesn’t mean it was a malicious employee.

    #316315

    Tenzo
    Participant

    Any reason I should not mark of the little 4 digit code on the back of all my credit cards?

    #316316

    KSquared
    Member

    How about we cut out the baseless accusations when there is no proof?

    “… the availability heuristic, which refers to “the tendency to judge the frequency or likelihood of an event by the ease with which relevant instances come to mind” (Baumeister & Bushman, 2008)

    If this happened to a large number of people, and it’s being talked about on a site with a high likelihood of its members spending time in the Short North, chances are, like Dru said, there will be a correlation between having your debit or credit card compromised and hanging out in the Short North because you are basing it on a limited sample of people. This is bad data and would be considered a confound for any legitimate study. This is NOT a random sample.

    #316317

    daniel
    Member

    K2 – right

    If someone does feel the ridiculous need to start pointing fingers at local businesses or regions, it’s our responsibility as readers to, at least, immediately disregard those things.

    #316318

    DavidF
    Participant

    Wait, you mean correlation and causation aren’t the same thing? So are you saying that wearing my lucky jersey Saturday won’t make a difference? I’m so confused now.

    #316319

    TimLessner
    Member

    Greetings,

    I’m a long time lurker on CU however I rarely post. I dunno I’m shy. That said I feel some sort of introduction is appropriate.

    My name is Tim Lessner and I own Tip Top with my sister, Liz and my friend Chuck Hootman. I’m also the paid General Manager in this arrangement.

    About a month ago I got a call from Heartland Payment Systems who process our credit cards. They told me that Visa thinks our 2 Touch POS system was compromised. Visa based this allegation on the fact that between July and August several people used their cards legitimately at Tip Top and the next charges were reported fraudulent.

    Heartland advised me to hire an outside company to perform penetration tests on our System as well as have me answer an SAQ regarding how we handle CC info. I hired 403 Labs who ran a scan and answered an SAQ. Tip Top’s system passed the scan and I passed the SAQ. Tip Top is Pay Card Industry (PCI) Compliant. Tip Top also removed its Wi-Fi connectivity as it *might* have been an avenue for the breach, as well as replaced our hard drives in case they’re corrupted or embedded with something nasty.

    Despite the fact that our system is PCI Compliant, Heartland is passing me a $5,000 fine that Visa handed them. (This is after I outsourced 403 on TT’s dime) What absolutely frustrates me is no one, not Visa, Heartland, 2 Touch, the CPD, 403 Labs can say with certainty where the breach occurred but TIP TOP is being forced to pay the bill. It’s either that or Visa will disallow Heartland to process their cards at TT which would of course ruin us.

    Visa contends that no fraud has occurred or been connected with Tip Top since before September 20. Tip Top hired 403, removed hard drives, Wi-Fi October 8.

    Having spent numerous hours on the phone with Heartland, 2 Touch, 403 it is my belief that a very skilled and determined hacker (who could live anywhere in the world) somehow penetrated our POS. Another viable possibility is this is wind fall from Heartland being compromised in January as someone in an earlier post pointed out. Or it could be ze Germans.

    A woman who works at the State Department has been circulating a mass email that reads something like “DO NOT EAT AT TIP TOP. THEY WILL STEAL YOUR CC INFO. I’d like to say that is not true and reiterate: Regrettably, Tip Top’s POS was likely compromised between July and August. Tip Top has responded by closely examining our CC systems, working with our software developer, working with our card processor as well as 403 Labs who we’ve recently hired AND the Columbus Police Department.

    On the request of this woman from the State Department who is absolutely certain that Tip Top is printing cards in our basement I was visited by Detective Wilson of the CPD and assisted him in his investigation.

    It is also Detective Wilson’s belief that this crime was perpetrated by a highly skilled hacker who could be anywhere.

    Good People, please know Tip Top feels terrible about this happening and is one of many establishments that has been hit by one of these attacks locally.

    The very grim reality is businesses and databases all over the world are compromised every single day. Although I’m sure it’s possible to garner some instant gratification by concluding: “I had my cc compromised. YOU had your cc compromised and WE BOTH SHOPPED AT THE SAME PLACE SOMETIME THIS YEAR? Oh that business MUST be photographing our cards….” The truth is such a conclusion is extremely short minded.

    The CPD agrees with Jon Myers. This is high level crime. Not a bartender.

    I wish I was posting something more pleasant. I have spent the better part of every day for the last three weeks on the phone with somebody over this. Tip Top has also incurred costs and fines in the thousands over an attack that was perpetrated on us. To add insult to injury I have a woman at the State Department basically trying to black list us for being victim :/ uhg.

    In summation I would again like to publicly announce Tip Top’s POS was likely compromised between July and August. Tip Top has been sorely affected both financially and publicly by the attack. Since taking several preventative measures NO FRAUD has been connected with Tip Top.

    I am sincerely sorry to anyone whose card may have been compromised by patronizing Tip Top. It remains my privilege and pleasure to serve you. And it is my hope that you will permit me to continue.

    Very Best, Tim Lessner

    #316320

    somertimeoh
    Participant

    Seems like what VISA is doing is just as bad as the criminals :(

    No hacker will keep me from my pot roast sandwich!!

    #316321

    catnfiddle
    Participant

    Wow, Tim, that’s awful! How much would it take to switch away from Heartland to another vendor? As for your customer loyalty, I cannot imagine you would lose it. Yours are the best cheesesteaks I’ve had outside of Philly.

    #316322

    surber17
    Participant

    Tim, thanks for the note and I dont think you have to worry about anyone on here not eating at Tip Top.

    The piece I didnt quite understand is how the fraud was happening:

    People were eating there using other people’s credit card numbers?

    #316323

    e-roc
    Member

    surber17 wrote >>
    Tim, thanks for the note and I dont think you have to worry about anyone on here not eating at Tip Top.
    The piece I didnt quite understand is how the fraud was happening:
    People were eating there using other people’s credit card numbers?

    The other way around, people eating there may have had their information used in a fraudulent way if their system was hacked as Heartland claims.

    #316324
    rus
    rus
    Participant

    somertimeoh wrote >>
    Seems like what VISA is doing is just as bad as the criminals :(
    No hacker will keep me from my pot roast sandwich!!

    Why not just use cash?

    It’s not like you have to finance a pot roast sandwich, nor could I see someone asking you to prove you paid for your sandwich six months later.

    #316325

    DavidF
    Participant

    It almost makes me long for the days when running a credit card involved physical making an imprint of the card and getting a carbon copy receipt. Of course those were also vulnerable to fraud, which of course on-line processing was going to reduce or eliminate. Anyone remember the hard sell for on-line security? It was something along the lines that less paper equals less opportunity for criminals.

    #316326

    surber17
    Participant

    e-roc wrote >>

    surber17 wrote >>
    Tim, thanks for the note and I dont think you have to worry about anyone on here not eating at Tip Top.
    The piece I didnt quite understand is how the fraud was happening:
    People were eating there using other people’s credit card numbers?

    The other way around, people eating there may have had their information used in a fraudulent way if their system was hacked as Heartland claims.

    The other piece I’m trying to figure out is why in the world would a hacker pick Tip Top. Makes you wonder if it was a past disgruntled employee who had access to the system (which is one of the most common ways sensitive info is compromised).

    #316327

    somertimeoh
    Participant

    rus wrote >>

    somertimeoh wrote >>
    Seems like what VISA is doing is just as bad as the criminals :(
    No hacker will keep me from my pot roast sandwich!!

    Why not just use cash?
    It’s not like you have to finance a pot roast sandwich, nor could I see someone asking you to prove you paid for your sandwich six months later.

    That may be your financial philosophy, but it’s not mine. I am well educated in how our financial systems work and even with all this going on it hasn’t even made a blip on my concern screen. I do not like the way vendors are being treated after reading this post, but I know my rights as a consumer and do not rely on single accounts (or institutions) for my money flow. It would be near impossible to make me completely financially disabled unless it was a targeted, personal attack.

Viewing 15 posts - 106 through 120 (of 276 total)

The forum ‘Q&A’ is closed to new topics and replies.

Subscribe below: