Viewing 40 posts - 841 through 880 (of 946 total)
  • CRC security issues?
  • Trimix
    Free Member

    Good to see CRC using modern media to address its image / problem.

    Im happy to use them (Paypal to be safe).

    Compared to others, they seemed to handle the crisis pretty well.

    anc
    Free Member

    Dear Mark resident grumpy can I be the first of many to say ‘Nar Na Na Nar Na…. told you!! :mrgreen: 😳 😉

    I’ll get my coat!

    Just kidding, good moderating of a tricky situation 8)

    toons
    Free Member

    Pmsl

    Michael Cowan as I suggested to that nice lady that rang me up, please please can you use verified by visa?

    Fresh Goods Friday 696: The Middling Edition

    Fresh Goods Friday 696: The Middlin...
    Latest Singletrack Videos
    bigjim
    Full Member

    21st march £648.27 debited to flight centre in london a week after a transaction from CRC

    Can you find the flight details and go and wait for them with a couple of hired goons?!

    xiphon
    Free Member

    zokes – Member

    DIrty thieving gypsy scumballs

    How do you know they’re gypsies?

    Unwashed, maybe. Thieving, definitely. Scumballs, certainly. But I’m not quite sure how you can ascertain their race from these factors

    Gypsys are not a ‘race’…

    darrell
    Free Member

    I posted a comment in this thread this morning but it appears to have been removed.

    anyway it said something along the lines off, “Maybe the CRC IT guy, who slagged us all off and blamed everything on us because we were all downloading p0rn, would like to apologise”

    someone gonna delete my post again?

    wwaswas
    Full Member

    darrell – I suspect you’ve bene the subject of forum crankiness rather than moderation – the post I made last night saying that the supplier (he’s not a CRC member of staff) who blamed everyone else should be, errm, talked to is still there.

    darrell
    Free Member

    hopefully right. but it would still be satisfying for us to get an apology from this person

    Junkyard
    Free Member

    The independent forensic investigation has shown that our infrastructure was the target of a sophisticated attack which resulted in the theft of card details relating to a number of our customers. Details were being stolen ‘real time’ and only a small proportion of recent CRC customers were affected

    Really we are all surprised by that trully stunning revelation 😯 I know you may need to be sure it was you etc before doing something [not like you get accused of this wevery week now is it suggest there was some merit to it] but your very slow response – did i really need to hear from a forum that your site was dodgy [compromised as you prefer to say ]from a bank , defrauded friends etc rather than you – and no e-mail yet to my registered account.
    It is probably not your fault what happened but your way of handling it [head in the sand till you confirmed what we already new – more cycnically i could say could no longer deny it] has probably lost you more customers than the actual event. Stuff happens and we deal with it. You have dealt with it specatacularily poorly IMHO not least suggesting we all had trojans etc.

    xiphon
    Free Member

    Don’t be so cocky…

    Now word has got out that you actually hold CC details on-site, expect more attacks.

    There is always someone smarter than your IT department.

    Very poor PR handling of the situation too – you have lost the confidence in many many customers, who no doubt will have jumped ship by now.

    wwaswas
    Full Member

    Now word has got out that you actually hold CC details on-site

    Do they?

    The fact that stuff was being captured in real time would tend to argue that data was not being stored locally?

    toons
    Free Member

    WOW CRC just gave me a very very nice voucher to use on my return visit!

    dirtygirlonabike
    Free Member

    WOW CRC just gave me a very very nice voucher to use on my return visit!

    Me too.

    druidh
    Free Member

    wwaswas – Member
    >Now word has got out that you actually hold CC details on-site

    Do they?

    The fact that stuff was being captured in real time would tend to argue that data was not being stored locally?It would be more correct to say that the details are being captured by the CRC IT systems and then being forwarded on to the payment processing agency. They are being stored, even if you consider that to be temporary. Regardless, it does mean that the CRC IT system is a target.

    WackoAK
    Free Member

    WOW CRC just gave me a very very nice voucher to use on my return visit!

    Got the same one, a bit of faith has been restored.

    clubber
    Free Member

    Details?

    WackoAK
    Free Member

    Details?

    Basically what they have posted on here but with an added bonus of £30 off when you next make an order.

    xiphon
    Free Member

    Sorry for the confusion – by ‘on site’ I mean, they get passed through CRC’s IT infrastructure, even if it’s only a temporary stop over. This still allows an angle of attack.

    Who knows, CRC might completely outsource their payment to a 3rd party landing page, so no CC details are actually going through their infrastructure…

    Recently, Play.com emailed customers to say their 3rd party email system (Silverpop) had been compromised. They were quick to state it was a 3rd party issue, not their own infrastructure.

    clubber
    Free Member

    £30 – nice! Almost wish I’d got done..

    Waderider
    Free Member

    I’m relatively happy, I’ve got thirty pounds off my next order.

    Unfortunately I’ve been telling myself no more CRC – because I had hoped they would be more proactive contacting potential victims. Although I can understand why they didn’t……….

    Think I’ll wait a few weeks to let other people be the guinea pigs.

    Tom83
    Full Member

    When did those vouchers come through? I also got done, but haven’t had one yet!

    neilnevill
    Free Member

    I’ve got the email with the voucher too, arrived in my inbox 50 minutes ago.
    It’s a nice gesture. CRC seemed to start reacting to this problem slowly but appear to have dealt with the problem professionally now, let’s hope the site stays safe.

    toons
    Free Member

    Tom83 did you contact them about getting done?

    neilnevill
    Free Member

    Now watch for a flood of emails to crc….’I got done too, I got done too!’ 😉

    They would seem to know who is affected, as I never contacted CRC directly but they have contacted me. So unless they used this thread, and checked profiles to get emails (which is possible) their system analysis must have revealed who may have had a problem with their site.

    darrell
    Free Member

    well i for one dont care about the 30 quid voucher. The hassle and inconvenience of having my card replaced and the pi55 poor PR means that i will take my business elsewhere. And as i live in Norway ordering from Bike24.de wont take any longer than waiting for CRC – and their service in recent months has been very slow anyway

    iainc
    Full Member

    I was an relatively early poster having had my card done a few weeks ago. Bank called me, all cancelled, sorted and new card a week later. I emailed CRC, got a decent reply, followed up by a phonecall end of last week. Also just received the £30 voucher. All in I can’t complain. My card has been done probably 3 times in the past 5 yrs and this is the first I have had an apology and a goodwill gesture. That said previous frauds not neccassarily so easily attributable to one source…..although there was a Wiggle rumour I recall….

    Taff
    Free Member

    Well that was useful.. my bottom bracket died last night and a new xt one just happens to cost £30!!

    darkgr33n
    Free Member

    £30 voucher here too; hadn’t contacted them; hadn’t posted about it; they know who’s been done.

    agree with iain, i’ve been done about 3 times in the past and this is the fisrt goodwill gesture i’ve seen and from my POV, they’ve hadnled it pretty well; i’ve used them for the last 5 years and have never had any other problem, and when i have spoken to them, they’ve been nothing but helpful so will continue to use them.

    zokes
    Free Member

    Gypsys are not a ‘race’…

    Care to define ‘race’ then?

    circle
    Free Member

    i don’t know whether to trust the 30 quid voucher email i got!!

    I_Ache
    Free Member

    Just ordered some new Mace shorts thanks CRC. £50 down to £28 and now free. Sweet.

    xiphon
    Free Member

    zokes – Member

    Gypsys are not a ‘race’…

    Care to define ‘race’ then?

    Have a read.. 🙄

    http://en.wikipedia.org/wiki/Race_(classification_of_humans)

    Tom83
    Full Member

    Toons – I did email them, this was before they set up dedicated line etc. Might be worth sending them a gentle reminder nudge!

    Twodogs
    Full Member

    I got done, and posted here…no voucher tho! 😥

    eat_more_cheese
    Free Member

    £30 voucher here too, and i’ll most certainly be using them again. I’d like for them to tell me exactly how they knew I was one of the people who’d been affected?? Not sure if it’s from here, via MBNA fraud or is it that they are giving the vouchers to everyone who had bought from them over the past month or two?

    Check your junk mail. My email came through as junk-nearly binned it too as it’s not from an address I’ve saved as CRC correspondance.

    Taff
    Free Member

    agree with iain, i’ve been done about 3 times in the past and this is the fisrt goodwill gesture i’ve seen and from my POV, they’ve hadnled it pretty well; i’ve used them for the last 5 years and have never had any other problem, and when i have spoken to them, they’ve been nothing but helpful so will continue to use them.

    Been using them since ’04 and never had any problems. I’ve been done on a card and never had emails let alone a voucher. Fair play to them I say.

    For those who’ve not received a voucher or email I would say get in contact. Have you tried entering your email into the voucher code though to see if you’re eligible?

    philfive
    Free Member

    i’ve received 2 £30 vouchers, one to my registered email on my account and one to my works email account that i complained with 😀

    i’m very happy

    dazh
    Full Member

    Woohoo! £30 voucher for me too. All is forgiven, I’m very easily bribed. Think I’ll be using Paypal from now on though.

    zokes
    Free Member

    Have a read..

    http://en.wikipedia.org/wiki/Race_(classification_of_humans)

    Oh look, I can use wikipedia too! They are a distinct ethnic group, which unless you’re playing petty semantics to hide your own racist attitudes, would constitute a race for most peoples’ purposes of distinguishing racism.

    HTH

    al
    Full Member

    £30 voucher here too; hadn’t contacted them; hadn’t posted about it; they know who’s been done.

    So, if this is true we can deduce that the logger output was still on the server and available to read and that the CC logger logged not just the CC number and CVV (‘cos CRC don’t store that so couldn’t back match) but also the customers personal details. Thats a fairly blatant stream parser which CRC didn’t spot for a good week after being told they had an issue. Someone is getting fired.

Viewing 40 posts - 841 through 880 (of 946 total)

The topic ‘CRC security issues?’ is closed to new replies.