Thanks for posting this! I had a cart in Wizard Labs. It’s always a terror to read things like this. Same thing happened on MyFreedomSmokes a few weeks ago. I received an email from MyFreedomSmokes notifying me that my card information was compromised.
Just for safety purposes I contacted them and had them delete all my account information and notified my bank. I made multiple purchases during the month from different vendors with my card so I was worried. Most banks, if you notify them of the possible breach in security will set an active alert / notes on your account just in case you have to file a claim for a fraudulent charge(s). Paypal and these new “Burner Cards” are definitely safer alternatives.
The three words you need to know when online shopping… " prepaid credit card" your personal credit card should be for emergency use only! in my not-so-humble opinion
It probably wasn’t them. If you aren’t buttoned down and fire walled on your device… it could have been some bozo in your neighborhood that got on your wireless router.
Most major credit card’s (banks) have virtual account numbers available expressly for online purchases. These one time use numbers can be assigned a dollar limit by you. I would advise everyone that has access, to utilize for all internet/phone purchases. For an even additional layer of security you can use the one-time virtual account on PayPal, which just makes it more invisible to the potential thieves out there.
You all have to remember too that a lot of times, stolen numbers aren’t even used for weeks to months after taken. So it’s not necessarily the latest purchase.
Some of these cards had not been used in years which is a pretty big indicator, although nothing is certain. I am looking at this site, after the fact, they could have implemented changes, but as it stands they do have an element of long string code that could be used for malicious injection. I agree there are too many variables to say for sure, but a lot of people are having this happen.
I’ve followed this here, and on reddit closely. It COULD be possible for bad or injected code ON the vendor’s website to be the culprit as well as unscrupulous employees/webmasters, but I’m wondering if there is any way WE could elicit and track which credit card processors are being used.
Hold on, I have continuously been scanning the site since reading the Reddit post, several scans reported fine, except one, which listed an element of Java Script as a warning for long string code injection, today that warning is gone as I scanned at 10:15. False positives can occur, but that fact that the page element warning is gone today is a little odd.
My debit card was compromised yesterday, ordered from WL in June. Seems likely, but can’t be sure. Also have ordered from ECX, DiyVs, RF and NF since then.
Somebody bought $147 worth of Chanel perfume from Neman Marcus! Got it refunded, thankfully. Getting a new card is a hassle, for sure. Keep an eye out on your card activity!
Has anyone contacted wizard labs and brought this up to them? Maybe it’ll scare them afrom doing it more or stopping them from attempting other people’s if they know we’re aware of it! I for one am done ordering from them now! Also how certain are we that it’s them and not someplace else we ordered from?