Forum menu
BTW, I've not had any fraudulent transactions on my debit card despite using CRC regularly for years...
Send me your card details, I'll fix that for you... 😉
BTW, I've not had any fraudulent transactions on my debit card despite using CRC regularly for years...
As have many of us but the transactions in the last few weeks have been subject to fraud..... they've got a problem.
[i]Send me your card details, I'll fix that for you...[/i]
you'll buy something from CRC on his behalf 😉
Just been called by my CC company to say that 2 fraudulent payments of £15 to O2 have been charged to my account. The only transactions in the last month I've placed on there have been with CRC.
what might be of use to punters here is rather than a "I got done", maybe let us know when the last CRC transaction you made was.
I think we can make a link between CRC and the episodes of fraud, no matter what non-liable legalese BS anyone comes up with.
Maybe we can work out the window of the fraud so punters can hazard a guess as to whether their card might be compromised or not by having bought something from CRC within that window.
The indiciations are that it was a narrow window of fraud, possibly some kind of traffic intercept?, and not a whole historic transaction database that was raided.
shmuk - MemberSocial networks are a very powerful thing these days
If you're 9
What do you think forums are?
what might be of use to punters here is rather than a "I got done", maybe let us know when the last CRC transaction you made was.
Used them 3 times in the last month.
Fair enough - 1st March was my order date
Have you any idea what that would do to their cashflow? Are you seriously suggesting that they stop taking CC orders?elliott-20 - Member
The question is, are CRC still allowing CC payments to go through? There is obviously a serious issue and it's only a case of a percentage of all orders at the moment as whoever is listening and intercepting the transactions can basically pick and choose from thousands. Just because a card hasn't been used fraudulently (yet) don't think your home and dry.Surely CRC will piss less people off by removing direct payment for the time being and forcing them to go via PayPal than risk the higher amount of backlash disgruntled customers that have had their CC details stolen.
shmuk - Member
Social networks are a very powerful thing these daysIf you're 9
What do you think forums are?
Thank you BillOddie.
It seems some people don't know a social network when it's staring them in the face. Just because you don't use on MyFaceTweet doesn't mean hundreds or even thousands of CRC customers aren't either.
Another to add to the CRC woe list...
Bought a couple of things on Tuesday night - got a letter in the post from my bank this morning cancelling my card. To quote the young lady I spoke to (and she wouldn't actually mention company names) 'a recent purchase has led us to believe your account is comprimised so we are cancelling your card as a precaution'
Interpret that however you want...
In regards to police investigating, a genuine issue is; where does the offence occur?
CC Fraud investigation is handled by the banks, not police afaik. Only gets handed to police (fraud squad?) later if the bank gets enough evidence.
Saves the cops money, and leaves it up to the banks to decide how to balance cost of fraud prevention against cost of fraud liabilities.
Ordered via CRC on 27/2, didn't notice anything awry on my CC statement which arrived 2 days ago, but didn't pay attention to the statement date. Still waiting for the order though 🙁
My other CC was pwned recently after some chavs tried to spend 79p on it. Bank spotted it immediately. Had only ever been used twice! Replacement one with new number has not even been activated yet, and I have no intention of doing so until I need to use it. Hoping that I don't have 2 pwned CC now...
druidh - MemberHave you any idea what that would do to their cashflow? Are you seriously suggesting that they stop taking CC orders?
Perhaps, but the damaged caused by such an issue as this could have far wider repercussions. Besides, PayPal still takes credit card details even if you are not a member of PayPal. And with a PayPal CRC Branded page customers would feel less uncomfortable using the gateway.
Personally, within an instant of this of this issue arising I would have taken the online payment option offline. Paypal and Tel only, then routed the server for the listener and get it fixed asap rather than putting more customers at risk.
But hey, I suppose they can just keep letting it happen in the meantime and just let the credit card companies take the hit and clean up the mess, yes?
Paypal payment seems to have been safe for me so maybe that is the way to go 'till this is sorted.
[quote=elliott-20]then routed the server for the listener and get it fixed asap rather than putting more customers at risk.
You obviously don't work in IT.
It's not quite that simple. They might not know where the leak is to plug. If anything, during an attack, you wait a while and analyse what is happening. Logging everything as much as possible.
xiphon - MemberYou obviously don't work in IT.
Ha, not entirely, but I've had my fair share of server experience. Gathering data and looking for rogue scripts is one thing but the matter is the they are still putting customers details at risk.
Paypal payment seems to have been safe for me
My other card was pwned by the chavscum fraudsters just a couple of weeks ago. It was a new replacement card (same no., new 3digit code). Had *only* been used to book 1 hotel, and make 1 payment thru Paypal. In my eyes, that's a 50% chance that it was pwned c/o Paypal 😉
The card I used for CRC has no unexpected transactions, but there is a discrepancy of £259.49 between credit limit and available credit, after accounting for purchases and amount to pay from last statement. Watch this space... (I'll be watching the online card thingy at least daily).
CRC know there is no hole in their security but am sure they look into all these things regardless. The biggest security hole is the PC used to order. Servers have dedicated firewalls, secured networks, teams of IT people looking after them knowing what they are going etc. PCs have people using computers with no knowledge of security, surfing round the net and downloading stuff. All speculation, but if its anything related to the net, its by far most likely an issue with peoples PC...... Too many people visiting dodgy sites...
drldan - Member
CRC know there is no hole in their security but am sure they look into all these things regardless. The biggest security hole is the PC used to order. Servers have dedicated firewalls, secured networks, teams of IT people looking after them knowing what they are going etc. PCs have people using computers with no knowledge of security, surfing round the net and downloading stuff. All speculation, but if its anything related to the net, its by far most likely an issue with peoples PC...... Too many people visiting dodgy sites...
Right, so everybody who's CC's been blagged has an infected computer?
Pass the joint around, sounds like you've had one drag too many... 😯
drldan - so you join and your first post is defending CRC?
Do you work for them or have a financial interest in them not lsoign customers from this issue?
I can't believe that you think all of the above cases of fraud are coincidence or bad practice with peoples home pc's [not to mention the number of people sat behind corporate firewalls buying stuff].
Given them amoutn people on here buy from CRC there woudl be continuous allegations of this sort if it was individuals pc's being hacked at this rate.
Sorry, it's just not credible that so many people are having so many similar cases of fraud against them when the only known common factor is shopping at CRC.
Too many people visiting dodgy sites...
Obviously...
Too many people visiting dodgy sites....
Like Wiggle, Rutland Cycles, Evans... 😉
Did anybody bring some food along for the troll tonight?
well, he's given his real name and location in his profile so it shouldn't be too difficult to find out where he works 😉
Nobody would be *that* stupid to put northen Ireland would they? Oh, wait...
Does looking at bike porn count as dodgy? Hurrah we have a link, it's not CRC after all were just all dirty w...... 🙄
CRC know there is no hole in their security but am sure they look into all these things regardless. The biggest security hole is the PC used to order. Servers have dedicated firewalls, secured networks, teams of IT people looking after them knowing what they are going etc. PCs have people using computers with no knowledge of security, surfing round the net and downloading stuff. All speculation, but if its anything related to the net, its by far most likely an issue with peoples PC...... Too many people visiting dodgy sites...
Hhhmmm really?
It's incredible as we sit here now to realise that 10 years ago, ChainReactionCycles.com didn't exist. "Some of our rivals had started to get websites but most were difficult to use and did not seem up to the job." says Michael. We joined forces with bothers Simon and Daniel Loughlin, some friends from the race scene who were starting out on a project to build an ecommerce platform
Taken from [url= http://www.crcintense.com/index.php?option=com_content&view=article&id=225:25-years-of-chain-reaction-cycles&catid=1:news ]here[/url]
Co incidence?
Oh dear 🙄
I just found that ziggy, unblievable.
Daniel - I think you need to be aware that there is no such thing as 'knowing' your site is secure - only believing. In CRC's case it's obvious someone/group has gained access to site traffic and been able to extract card details from your data stream.
Coming on here with a lame insinuation that it's all down to the peopel shopping being hacked just throws any credibility CRC has out the window.
Are you speaking officially for CRC on this occasion?
what percentage of the people who have had issues with CRC have also used STW? Maybe there is a correlation there.
it's possible Quirrel but there are MAc users who've had problems and there isn't a similar 'I've got a virus' string of complaints from people who's cards have been done over?
its by far most likely an issue with peoples PC
And the Mac users?
EDIT - Yeah as above ^
The more I think about drldan's post the more angry I get - if his view is really an indication of what CRC are thinking about this issue - that there is no chance it's them - then it's probably also true that they are doing nothing beyond 'the norm' to either identify or shut down any possible security issues.
It really beggars belief that they think they can put their heads in the sand and hope it goes away - they'll just end up getting kicked in the arse.
wwaswas, I have been thinking exactly the same. I sincerely hope this isn't a case of buck passing.
Didn't stw get hacked and taken off the web a while back? Would think that every site is susceptable to hackers, though CRC do seem to be burying their heads in the sand (that said 2 friends of mine have bought recently with no problems from CRC)...the plot thickens.
sorry, that should be susceptible
Was going to order something earlier but not after seeing this thread, quick google reveals mtb, roadie and bmx forums all independently posting the same concerns, little bit too widespread to be chance I suspect.
Sorry, but I really can't believe that the real Daniel Loughlin would come on here, write that post AND leave those details in his profile.
I think someone is pulling STWs collective leg.
Should be easy enough for the Mods to find out though - if they can be arsed.
Daniel's post above is incredible... "I made it, therefore it is not the problem, therefore it must be your fault." FO. Edited to add unless the conspiracy theorists (meant in the most positive way) prove correct, of course!
I've just been building up a nice wishlist at CRC too... ah well.
Echo what druidh says though did seem all too easy, I would have a thought a web guru would know better..maybe it's somone from Wiggle kicking a wounded animal when down 😆
If that is really from Daniel Loughlin then he's an idiot. Less than a minutes googling reveals who he is and what interest he has. Surely someone actually working in the field wouldn't be that silly??
Didn't stw get hacked and taken off the web a while back?
Yup, STW got pwnd. LOL
Just got done - 02 prepay and vodafone - £50 in total. Also used CRC in the last two weeks. Clearly not a coincidence.
'Dan' appears to have edited his public info to remove his surname in the last ten minutes, I had assumed it was a troll up until that point, oh dear.
Didn't stw get hacked and taken off the web a while back?
[s][url= http://evilzone.org/about-us/ ]evilzone[/url] are back up and running. Those names look familiar as well.[/s]
My memory bad - wwas below has it. Also, sorry for contributing to hijack.
stw was hacked by a scriptkiddy - not sure 'evil zone' was ever involved other than as collateral damage when some of the mroe technical stw members took it down in revenge.
'funniest' bit of the whole situation was when the evilzone moderators had to start posting on a cobbled together stw site as their's was in pieces.
only positive thing to come out of it, from my perspective, was I got my name in the magazine...
Hmmm... This thread could be going AWOL soon.