Very true. On Reddit link posted above there are some responses WL sent out to people who had said that it had to be their site because it was the only place the card was used.
“Thank you for your recent order with Wizard Labs. We are sorry to hear about your experience with your credit card. However, we do not store credit card information on file. We have added a 3rd party firewall up to discover any malicious attack on our website. So far we have not found any breach of security but we are going to keep investigating. We will contact you to let you know what the investigation find. I hope this information is helpful and if you have further questions or concerns please e-mail and we will be happy to assist you.”
And later down the road Wizard labs posted on their own. Basically, I feel like it says there is a problem, we aren’t sure what it is, and we aren’t going to specifically admit it was from here…
u/WizardLabs • Jul 4, 2017, 10:12 AM
Wizard Labs takes the privacy of customer information very seriously; your confidence and trust are important to us.
We have been notified by several of our customers that they have experienced fraudulent transactions on their payment card statements. We made it our top priority to examine our systems and began an investigation. Our third-party merchant services provider and server hosting provider conducted vulnerability scans of our system, both resulting in a clean bill of health. Further, our merchant stated that we are currently PCI compliant. Our server hosting provider performed a sweep and scan on our system and have no verified findings. They also confirmed that our SSL is up to date and functioning with AES encryption and SHA-2. As an extra security measure, we engaged a cyber security firm to perform a more in depth screening of our website. They will continue to monitor our website 24/7/365 for any malicious attacks or malware on our system. In addition, we have deployed a third-party firewall adding to Wizard Labs’ primary firewall to provide another level of protection.
It is recommended that you review your payment card account statements closely and report any unauthorized charges or suspicious activity to your card issuer immediately. Contact information is usually on the back of your payment card and included on the account statement. If you believe that your personal information has been compromised please provide any information that will help us further this investigation by contacting us at, firstname.lastname@example.org. Thank you for your letting us know of any issue you have experienced and for your patience as we continue our investigation. We will update this post as soon as we have additional information.