Comments on: Geeks.com Hacked http://www.digitaltrends.com/computing/geekscom-hacked/ Upgrade Your Lifestyle Mon, 23 Nov 2009 18:06:40 -0800 http://wordpress.org/?v=2.8.5 hourly 1 By: Not Notified by Geeks.com http://www.digitaltrends.com/computing/geekscom-hacked/#comment-55574 Not Notified by Geeks.com Tue, 15 Jan 2008 15:13:32 +0000 #comment-55574 I've also been a loyal customer for years as well as a GEEKS' affiliate, sending new customers to their website. I did not receive any word from Geeks regarding the hack or the risk to my financial information. I DID receive more than 10 marketing emails from Geeks over the past month since the website hack so I'm pretty certain they have my email address. <br /> <br /> Today I learned from my bank that one of my credit cards was recently compromised "in connection with a website that is now undergoing a fraud investigation". This particular credit card is less than 12 months old, is -rarely- used for online purchases but happened to have been used for a GEEKS purchase in November. Not a word to me from GEEKS, though. Maybe they were hoping I'd not notice the fraudulent charges that started appearing today? Lucky for me my bank spotted those charges and gave me a call.<br /> <br /> As if failure to notify customers wasn't bad enough, it seems that GEEKS stored customers' CVV2 card verification numbers -- the special 3-digit numbers on the backs of VISA cards that merchants are ABSOLUTELY NOT supposed to keep as expressly stated by VISA in their merchant agreement. <br /> <br /> If GEEKS.COM wants to retain some level of customer trust, GEEKS needs to inform ALL of their customers of the hack, the resulting risk and how GEEKS is going to fix things. And a "We're sorry" probably wouldn't hurt, either... I've also been a loyal customer for years as well as a GEEKS' affiliate, sending new customers to their website. I did not receive any word from Geeks regarding the hack or the risk to my financial information. I DID receive more than 10 marketing emails from Geeks over the past month since the website hack so I'm pretty certain they have my email address.

Today I learned from my bank that one of my credit cards was recently compromised “in connection with a website that is now undergoing a fraud investigation”. This particular credit card is less than 12 months old, is -rarely- used for online purchases but happened to have been used for a GEEKS purchase in November. Not a word to me from GEEKS, though. Maybe they were hoping I'd not notice the fraudulent charges that started appearing today? Lucky for me my bank spotted those charges and gave me a call.

As if failure to notify customers wasn't bad enough, it seems that GEEKS stored customers' CVV2 card verification numbers — the special 3-digit numbers on the backs of VISA cards that merchants are ABSOLUTELY NOT supposed to keep as expressly stated by VISA in their merchant agreement.

If GEEKS.COM wants to retain some level of customer trust, GEEKS needs to inform ALL of their customers of the hack, the resulting risk and how GEEKS is going to fix things. And a “We're sorry” probably wouldn't hurt, either…

]]> By: Matt http://www.digitaltrends.com/computing/geekscom-hacked/#comment-55573 Matt Fri, 11 Jan 2008 07:39:00 +0000 #comment-55573 What bothers me is that their staff didn't email everyone warning them that this happened. I have been a loyal customer for years now and I didn't receive one either. <br /> <br /> Having your site hacked unfortunately is sometimes part of doing business online, but to not inform ALL your customers that it happened is in my opinion criminally negligent. Shame on you Geeks.com! What bothers me is that their staff didn't email everyone warning them that this happened. I have been a loyal customer for years now and I didn't receive one either.

Having your site hacked unfortunately is sometimes part of doing business online, but to not inform ALL your customers that it happened is in my opinion criminally negligent. Shame on you Geeks.com!

]]> By: Scott Beckstead http://www.digitaltrends.com/computing/geekscom-hacked/#comment-55570 Scott Beckstead Tue, 08 Jan 2008 17:29:19 +0000 #comment-55570 What's the point of certifying anything if it doesn't mean certified? McAfee has a lot to answer for and we should not let them off the hook either. Since we assume as consumers that hacker safe means hacker safe and it says cerified that's what we expect.<br /> <br /> What's the point of certifying anything if it doesn't mean certified? McAfee has a lot to answer for and we should not let them off the hook either. Since we assume as consumers that hacker safe means hacker safe and it says cerified that's what we expect.

]]>