I just joined this forum to update this thread. Yesterday, I purchased an RO system from BRS, and within less than 24 hours, my credit card company notified me of a fraudulent charge, and subsequently locked my account.
This was my first time purchasing anything from Bulk Reef Supply, and I felt a little nervous using their site, since their software auto-filled my address as I started typing it, despite the fact that I have never bought from them before. I did a quick search using the words, "bulk reef supply fraud," and my search engine suggested, "bulk reef supply fraud alert," which I then searched, and this thread came up.
I thought it would be worth letting you all know that I contacted BRS just this morning to inform them that I'd had this happen within 24 hours of purchasing from them, and that there could be a new (or continued) breach. Jason was very polite and professional on the phone, and he said they would let me know what they find.
As stated the "Autofill" is because of your browser settings.. It has NOTHING to do with BRS website.. That information is stored locally on your computer and done so because you have allowed it to keep that information..
Your browser simply sees a form field named "name" or "email" and gives you the option to fill that form with its known/stored data.
Same for the credit card problems.. Again.. Nothing related to BRS there too more than likely.. They are a very processional/reputable supplier around here.. Don't let this one incident stop you from supporting them..
They are excellent..
I just ordered from them 2 days ago and will continue to do so..
Its a shame that this kind of stuff happens but it happens to everyone.. small and large companies.. Home depot/ Target all have had "security breaches" despite having thousands and thousands of dollars into "internet security" and dedicated "security professionals" monitoring their network traffic..
Sadly there is more money to be made in "illegal hacking" than "Internet Security" jobs protecting us from those "illegal hackers"..
I do websites for numerous online clients and its quite a task keeping everything up to date and secure..
I actually attempt to block specific countries (IP addresses) from many of my websites if they aren't selling to that location but thats easy to get around too..
I also get an email on one of my private servers when people try to "hack" into it and I "ban" them after 5 attempts.. This site gets NO traffic (just a fun page for family,etc...) and its not uncommon to get 100+ hack attempts a day on it through FTP or SSH,etc...
Its mostly what we call "script kitties" that really have no idea what they are doing but found some script on the internet (dark web) that they are running so they are of little harm.. The "good" ones can get into any server at any time no matter what security you have and you never know they were there except deep scanning into access logs,etc.. and they can even get around that..
Welcome to the world as it is today..
Support BRS and just be safe with your information but don't think for a second you are 100% safe.. You never are..
Routinely check your CC statements, bills,etc..
Check your credit scores even routinely..
The faster you see it happening the faster you can stop it..
But its never going to stop..
Well until we just nuke China and Russia
or take away their internet access (#1 and #2 with the most hackers in the world by far)
