Forum menu
Details?
Details?
Basically what they have posted on here but with an added bonus of £30 off when you next make an order.
Sorry for the confusion - by 'on site' I mean, they get passed through CRC's IT infrastructure, even if it's only a temporary stop over. This still allows an angle of attack.
Who knows, CRC might completely outsource their payment to a 3rd party landing page, so no CC details are actually going through their infrastructure...
Recently, Play.com emailed customers to say their 3rd party email system (Silverpop) had been compromised. They were quick to state it was a 3rd party issue, not their own infrastructure.
£30 - nice! Almost wish I'd got done..
I'm relatively happy, I've got thirty pounds off my next order.
Unfortunately I've been telling myself no more CRC - because I had hoped they would be more proactive contacting potential victims. Although I can understand why they didn't..........
Think I'll wait a few weeks to let other people be the guinea pigs.
When did those vouchers come through? I also got done, but haven't had one yet!
I've got the email with the voucher too, arrived in my inbox 50 minutes ago.
It's a nice gesture. CRC seemed to start reacting to this problem slowly but appear to have dealt with the problem professionally now, let's hope the site stays safe.
Tom83 did you contact them about getting done?
Now watch for a flood of emails to crc....'I got done too, I got done too!' 😉
They would seem to know who is affected, as I never contacted CRC directly but they have contacted me. So unless they used this thread, and checked profiles to get emails (which is possible) their system analysis must have revealed who may have had a problem with their site.
well i for one dont care about the 30 quid voucher. The hassle and inconvenience of having my card replaced and the pi55 poor PR means that i will take my business elsewhere. And as i live in Norway ordering from Bike24.de wont take any longer than waiting for CRC - and their service in recent months has been very slow anyway
I was an relatively early poster having had my card done a few weeks ago. Bank called me, all cancelled, sorted and new card a week later. I emailed CRC, got a decent reply, followed up by a phonecall end of last week. Also just received the £30 voucher. All in I can't complain. My card has been done probably 3 times in the past 5 yrs and this is the first I have had an apology and a goodwill gesture. That said previous frauds not neccassarily so easily attributable to one source.....although there was a Wiggle rumour I recall....
Well that was useful.. my bottom bracket died last night and a new xt one just happens to cost £30!!
£30 voucher here too; hadn't contacted them; hadn't posted about it; they know who's been done.
agree with iain, i've been done about 3 times in the past and this is the fisrt goodwill gesture i've seen and from my POV, they've hadnled it pretty well; i've used them for the last 5 years and have never had any other problem, and when i have spoken to them, they've been nothing but helpful so will continue to use them.
Gypsys are not a 'race'...
Care to define 'race' then?
i don't know whether to trust the 30 quid voucher email i got!!
Just ordered some new Mace shorts thanks CRC. £50 down to £28 and now free. Sweet.
zokes - MemberGypsys are not a 'race'...
Care to define 'race' then?
Have a read.. 🙄
http://en.wikipedia.org/wiki/Race_(classification_of_humans)
Toons - I did email them, this was before they set up dedicated line etc. Might be worth sending them a gentle reminder nudge!
I got done, and posted here...no voucher tho! 😥
£30 voucher here too, and i'll most certainly be using them again. I'd like for them to tell me exactly how they knew I was one of the people who'd been affected?? Not sure if it's from here, via MBNA fraud or is it that they are giving the vouchers to everyone who had bought from them over the past month or two?
Check your junk mail. My email came through as junk-nearly binned it too as it's not from an address I've saved as CRC correspondance.
agree with iain, i've been done about 3 times in the past and this is the fisrt goodwill gesture i've seen and from my POV, they've hadnled it pretty well; i've used them for the last 5 years and have never had any other problem, and when i have spoken to them, they've been nothing but helpful so will continue to use them.
Been using them since '04 and never had any problems. I've been done on a card and never had emails let alone a voucher. Fair play to them I say.
For those who've not received a voucher or email I would say get in contact. Have you tried entering your email into the voucher code though to see if you're eligible?
i've received 2 £30 vouchers, one to my registered email on my account and one to my works email account that i complained with 😀
i'm very happy
Woohoo! £30 voucher for me too. All is forgiven, I'm very easily bribed. Think I'll be using Paypal from now on though.
Have a read..http://en.wikipedia.org/wiki/Race_(classification_of_humans)
[url= http://en.wikipedia.org/wiki/Romani_people ]Oh look, I can use wikipedia too![/url] They are a [i]distinct ethnic group[/i], which unless you're playing petty semantics to hide your own racist attitudes, would constitute a race for most peoples' purposes of distinguishing racism.
HTH
£30 voucher here too; hadn't contacted them; hadn't posted about it; they know who's been done.
So, if this is true we can deduce that the logger output was still on the server and available to read and that the CC logger logged not just the CC number and CVV ('cos CRC don't store that so couldn't back match) but also the customers personal details. Thats a fairly blatant stream parser which CRC didn't spot for a good week after being told they had an issue. Someone is getting fired.
No voucher here. I have not contacted CRC directly, and do not have my email address on my public STW profile. This would imply that they do not know who's card details were taken, and so I would take the statement "only a small proportion of recent CRC customers were affected." with a pinch of salt.
To add to the thread I bought something, with the voucher around this time, but used PayPal. So as noted by a few already I wasn't affected.
Personally I won't use crc again, I've never used Wiggle since there reported issues, although my LBS will use hotlines so the revenue will head CRC's way, but personally I haven't the confidence in their ecommerce infrastructure, their ability to support and secure it. This is a major breach regardless of how it's spun and we will never truly know the scale.
I got the vouchers two of them both in deleted items. My very first CRC purchase was a nightmare and it seems my last has been too 🙂
Personally I won't use crc again, I've never used Wiggle since there reported issues, although my LBS will use hotlines so the revenue will head CRC's way, but personally I haven't the confidence in their ecommerce infrastructure, their ability to support and secure it.
LOL, what a very very short sighted view that is. Are you happy to use other online retailers even though to your knowledge they haven't been affected? What's to say they wont be affected? What's to say CRC, Wiggle etc.. aren't some of the most secure? Either before or from what they've learnt post incident? You use Singletrack. This place was hacked some time ago & alot of email addresses & log-in details went AWOL.
What's to say CRC is fixed bar a post on a forum?
Your right the others could be attacked too, but in my post I reference LBS and not online.
The STW hack caused me no lost time and email is less sensitive than my credit card and personal details it's not comparing like for like, business that hold cc details need to conform to pci forum owners for email address don't
Ultimately my choice wouldn't let it worry you to much 🙂
Personally I won't use crc again....
I think if you shop on the internet this sort of thing is par for the course. Sure CRC have not handled this particularly well, and they have no doubt learned some very valuable lessons but I'm sure they're now more on the ball with security than some retailers who haven't been hit yet.
All you can do is to be vigilant, use a credit card (or paypal) and not a debit card, and watch your bills like a hawk, which all seems like common sense anyway. Either that or go back to waiting weeks for your LBS to source parts from perhaps the same suppliers and charge you more for them (that's not a dig at LBS's by the way, just a statement of fact).
I feel left out, cleaned out to the tune of £2.5k & no voucher for me 🙁
I need to order some new shoes too (with Paypal now of course!)
Check your spam folder, mine went there. Or just add something to your basket then try your registered email in the voucher box 😉
Tried that, not beein having much luck with CRC recently, lost parcels, wrong stuff sent, replacement stuff never sent, card scammed...
Maybe I should try somewhere else!
Check your spam folder, mine went there...
Thanks for the tip! I just found another voucher in my spam folder to add to the one that went to my work email. 😀
how is everybody getting these vouchers ? how do they know who to give them to ?
how is everybody getting these vouchers ? how do they know who to give them to ?
I sent an email telling them I'd been affected after they posted on here asking people to let them know. After emailing them I even got a personal phone call by Mr Cowan apologising in person for the hassle.
e-mail sent, just wait and see if i'm to late. Need some new shifters though so would certainly be handy
I didnt get done (as I spotted the bikeradar thread early on and posted here)
No £30 voucher
Wouldnt weant one anyway as I just saved over £30 on CRC prices anyway by using Rosebikes in Germany
and it was delivered in 2 days by parcelforce, in sensible sized packaging
Im happy to use CRC via paypal whenever but this opened my eyes to other retailers. The internet bike retail world has not been standing still during CRC's rise to domination
Yes CRC may be cheapest for alot of things still, but not everything, and the hassle of the large packaging for me delays delivery by 3-4 days as I have to get to the main sorting office to collect the parcel
No voucher for me either. Tbh I moaned on here but didn't contact them about it.
Maybe if I take a copy of my statement and email it to them as proof...
well i got the email about the voucer yesterday so thought i'd try it......
£35 order for just £5! & paid through paypal (as i will do for all sites now if its avaliable)
for those who havent had the email or cant find it, have you tried ordering? cos the voucher code is just your email address
Tried buying something off CRC today over the phone,card rejected.
bank rung me straight away saying they had stopped my card 😮 over the card being copied...
Paypal all the way. Be smart people.
So, remind me again would you - is it only people who've bought something in the recent future that have a problem - it's been a month or so since I last bought anything from them, but 've not checked my account for a while, am I going to get a shock?!
Yes coffeeking it's people that bought in the recent future 🙄
In fact people that haven't bought anything yet but might do a week next thursday