Bulk Reef Supply Security Breach

[Cujo]

Reading here prompted me to look at my card transaction history as I made some purchases with BRS recently. I found two fraudulent charges, one from last week and one from this week. I just cancelled my card, never had to do this before.

Not saying this was caused from the BRS leak, but at best its a crappy coincidence.

 

[nyknicks4412]

The solution with Apple works since it already has your card and can process it. An online retailer would not have that ability.

That also doesn't dave one from getting their addresses and name hacked since that is required for order and shipping.

What dinner are looking into is an app that would generate a gift card real time for use. You entered amount is sent to the gc and you use that number for checkout. Similar to Apple pay but with each institution separately

Apple pay works at any institutions that choose to adopt the technology and accept it as a form of payment. They do not need to create anything. Just support payments through apple's apple pay system.


It will blow up in the coming year. People are quickly realizing that number with on that card is not secure. It's way to easy to get it stolen and then bam they have access to your entire credit line.

Unique numbers for each transaction will protect you. As long as Apple isn't hacked hahah. But I'll put my money on them over BRS. No offense to BRS it isn't a unique problem from their standpoint.

 

[soulpatch]

Apple pay works at any institutions that choose to adopt the technology and accept it as a form of payment. They do not need to create anything. Just support payments through apple's apple pay system.

Apple pay relies on NFC. An online retailer can not work with them right now as it stands. That is why many institutions are looking to create a temporary "gift card" that you create to the amount you want to pay with.

It will blow up in the coming year. People are quickly realizing that number with on that card is not secure. It's way to easy to get it stolen and then bam they have access to your entire credit line.

Thieves will learn to steal phones and such to get info. Your personal info is more valuable then a credit card number honestly. If they get enough then they can open new accounts. So regardless of your payment method your name, phone, shipping address, and billing address are all valuable pieces to use in a phishing scheme. And that is all still readily available no matter what payment method is used.

Unique numbers for each transaction will protect you. As long as Apple isn't hacked hahah. But I'll put my money on them over BRS. No offense to BRS it isn't a unique problem from their standpoint.

Apple has been hacked a few times. Perhaps you should look into the fappening.... lol I think plenty of celebrities who had their private photos stolen would suggest otherwise to apple's security.

And this all comes down to who has the data that people want. Banks have data and are faced with multiple hack attempts every second. Apple will now be prone to this more and more the more data that they have. Even the largest banks in the world like Chase, BOA, ect have all been hacked recently and their budget for security is more per day then BRS makes a year I would imagine...

 

[pelphrey]

I knew a guy who's job was to drive around, find medical offices, and see if he could get into their network and gain access to personal info. They didn't sell a cure, they just let people know they weren't in compliance. He said 90% of these places use consumer grade firewalls. This was in the late 90s. Now, everyone is hooked up and not a whole lot of people are wiser to the bad side of the internet.

I run a stack of servers as another hobby, I deal with !@# $%^&# frequently. The stuff we host (mostly old games that would likely be dead by now if we didn't host them) draws trolls like flies to fruit. I host in a very secure data center with extensive security and attack prevention measures. I have to take extreme measures simply due to the idiots out there looking to ruin good times.

The internet was not designed for e commerce. It's a security nightmare.

The last part of your statement is dead on. I won't say that all people know better, but a lot do.

It's like new parents buying a wireless baby monitor and not changing passwords on their routers or the baby monitor. Now you have some creep with nothing else to do but watch you.

 

[nyknicks4412]

Apple pay relies on NFC. An online retailer can not work with them right now as it stands. That is why many institutions are looking to create a temporary "gift card" that you create to the amount you want to pay with.

I stand correct it works for online purchases through Apps on the phone...

My guess is it will be expanded to a similar system like PayPal. It only makes sense as a next step.

 

[deleau]

I had a debit card canceled last month because someone tried to pay for an Uber ride in Boston (I live in OK) with it. Bank declined it and called me about the issue.

Just yesterday that replacement card was hijacked and $2000 in 2 transactions (one in France, one in Amsterdam) were allowed to get money out of my account. Bank allowed those transactions to go through yet still called me and canceled that card.

I, obviously, had used that first card at BRS during that time period. The second one...I used to pay $0.76 for the balance of a purchase using my BRS points for some more filter socks.

Until I get that $2000 back, those are the most expensive filter socks in history...

 

[frost0fractal]

It's much smarter to never use your debit card for online purchases or anywhere your info is stored. That way actual funds from your account are never at risk. Use a credit card, and nowadays you are never responsible for fraudulent charges that way, and none of your actual bank account money can be touched through those cards. I've had every card I've ever used (Capital One, American Express, Barclaycard, etc.) be "stolen" and used, and never once have I been liable for charges that weren't mine.

 

[nigeldcat]

Had to get my Discover Card replaced at end of January due to fraudulent activity. I wonder if this breach was how they got the info? Discover was awesome in handling it, but what a pain to update all the stuff gets auto billed to this card..

 

[Jone]

Im the same never owned a Mac or debit card..Why ??? There will never be any form of currency faster than cash money,,EVER..
The government will eventually get rid of the actual physical "cash " money,,then it will become only numbers and they will have full control on everybody's life..
Then no more illegal activity by anyone concerning money..
It will be like having everyone micro chipped on a finacal level...
The new App you can put on your cell phone that replaces your plastic credit card that is out now,,,the future is coming,,the government just has to train society into thinking its better and easier without public mass conflict.....
POS,,power of suggestion,,it will bite society in the A$$ eventually..

Don't own a debit card and have only one credit card. Cash is still king. I love the commercials where the credit card company's make fun of the people that pay cash.

 

[spieszak]

Im the same never owned a Mac or debit card..Why ??? There will never be any form of currency faster than cash money,,EVER..

There isn't anything secure, or fast about cash... your delusion here is based on the idea that you can touch it. Electronic paper trails and computer generated transactions are much more secure and the speed at which they occur is so much faster than cash transactions as to find your suggestion laughable.

 

[nj_evoIXgsr]

I got hit from the hack. This is the first time this has happened to me and when i am around suspicious areas I tend to make sure they do not try any extra swipes since I have watched how quickly and easy they can read the card info from a simple device connected to a smartphone. There's obviously other devices to scan while in your pocket but that's not something you can prevent.

Anyway, they got me for over 3k! From the sound of what is going to happen, speaking to cop friends in the hobby on a local forum......NOTHING! Amazing and makes you want to be that douche bag if you can simply get away with such a bad thing. Just have to do it from someone beyond state lines.

That's pretty crappy.

 

[nj_evoIXgsr]

Arguing cash over debit/cc is pretty stupid? You don't think people get robbed often enough to have switched over to debit/cc? My issue was taken care of by my bank within minutes. They cancelled and reversed any transaction that was fraudalent. Besides the fact that I love my bank, NAVY FEDERAL!

Cash can get stolen just as easy, lose your wallet, lose your cash, etc.

Anyway, pretty ****ed that it got taken from an online store that I frequent. I probably won't stop purchasing from BRS but I will likely go different routes because of it.

Have a great day everyone and make sure you check your accounts.

 

[m1k3]

Those of you freaking out are maybe a bit over the top. Welcome to 2015. Somehow you think reef stores are impervious to shenanigans. Give it a rest... at least they figured it out and can put an end to it. It effected me as well but I dealt with it like I dealt with it the past 10 times.

If it really is that big of a deal start using cash at your lfs and the local produce mart, I'm sure they would enjoy the business. I think you folks are overreacting and nobody actually lost money here but BRS. The consumer gets the money back. You lost some time and cool points.

I could not have said it better myself. You are exactly right. Home Depot got breached, I still shop there. Target, still shop there. BRS, planning on placing an order tonight.

If your bank isn't refunding the fraudulent charges, you need to find another bank. Someone got my card info not long ago and charged $550 worth video games at a store in France. My bank refunded all of it. Some banks have a you're liable for the first X amount of dollars, not mine.

The fact that BRS owned up to the breach and is offering anything at all is in my opinion pretty darn stand up of them.

 

[spieszak]

Arguing cash over debit/cc is pretty stupid?

Fear mongering is stupid. Thats what was done, and why I responded.
Got news for you. Your cash is only worth as much as your government says it is. I can get on board with all the conspiracy theories, but if you are going to do that, dump your cash, hoard gold. Otherwise, get with the times, and stop turning progress into something devious

 

[Swizzle81]

I was trying to figure out how my cc info was hacked in January and sure enough I made a BRS purchase this past November. I had $700 in fraudulent charges, but caught them within a day and the bank was great and reversed all charges... ie airline tickets purchased online and not in my name, and iTunes purchases online.

 

[nj_evoIXgsr]

Fear mongering is stupid. Thats what was done, and why I responded.
Got news for you. Your cash is only worth as much as your government says it is. I can get on board with all the conspiracy theories, but if you are going to do that, dump your cash, hoard gold. Otherwise, get with the times, and stop turning progress into something devious

What? Nothing wrong with cash but others commented on how they specifically only rely on cash.

Anyway, have a nice day!

 

[Jone]

Never had anyone hack my wallet,,if I want to buy something with cash,,I buy it get a receipt and done..Dont have to sign anything,,open a bill of any sort,,make a bank transaction to pay the bill plus worry about getting hacked and spending time to resolve it,,and my personal info possibly being stolen.. Cash is the best and fastest EVER..
You must work for some sort of internet company ,financial institution or government agency of some sort to think the way your post reflects or maybe a member of one of those hand held, spoon fed generations ...
The ONLY thing credit cards and debit cards make possible are long distance transactions easy and fast,,outside of that ,,there's nothing else..

There isn't anything secure, or fast about cash... your delusion here is based on the idea that you can touch it. Electronic paper trails and computer generated transactions are much more secure and the speed at which they occur is so much faster than cash transactions as to find your suggestion laughable.

 

[spsfreak25]

Has anyone received a letter from them. I just got a letter telling me what happen and that i could be at risk cuz i placed a order on the day they was hacked

 

[Arkayology]

I had some fraudulent charges made on my cars a few weeks ago for airline tickets outside the country. I also bought from BRS recently. I guess this explains it.

 

[bizacon]

I had some fraudulent charges made on my cars a few weeks ago for airline tickets outside the country. I also bought from BRS recently. I guess this explains it.

Same... I was wondering the same, but could be another source as well.

These are the moments I take a step back and realize who we are dealing with here-mankind. Whether you are a evolutionist, creationist, or other form, we all should agree on this...someone always find a way to abuse what someone else has created for good. Case and point here, or even dating back to the Romans.

BRS is a stand up company in my opinion abs they are demonstrating this by letting people know about the breach. I know other companies have swept things under the rug and not done anything.