discussion Hannants hacked

[Guest]

If that is the case then it is much worse as it does mean that all payments made to them, website, phone or even in their shops could have been compromised

What does bring this home, is that I will be very, very, very concerned about leaving my card details without the secure server such as world pay or Paypal! This by the way is not a Hannants witch hunt, although it may appear this way to one or two, but I refer to my earler post about them clearing all cards from their server, which is clearly posted on their web page.

A sad state of affairs ....................

Andy

 

[Guest]

Even tho I havent brought from Hannants as I go through a 3rd party to obtain items,like John I would be very worried now as if they have your credit number they also have all your credit details, account number,address and such like. Identity fraud is big business in the criminal world.

Tony..

 

[Guest]

Sent an email to hannants this morning as to whether this was limited to web sales only, they were very quick to respond & the response was quite unnerving.

All sales go through the website, check your statements.

 

[Guest]

You may want to read the thread here on Britmodeller;

Clearing bank hacked - card details stolen - Britmodeller.com

as well as the one on ARC;

credit cards on Hannants compromised - ARC Air Discussion Forums

As it does appear the 'problem' is widespread,not just here in the UK,but the US & other countries.Even tho I have a debit card,I always use a top up credit card for online shopping.Safest way IMHO.

This is the one I use & it's free.

O2 Money

 

[stona]

I just got a call from my credit card company. My card details have been used fraudulently. I'm obviously not liable or out of pocket but it is a bit unnerving and also inconvenient as that credit caed is stopped and I'll have to wait for another one.

Not very adventurous crooks,they tried to buy something fot 150 quid from Robert Dyas!

I'm nipping out to get some cash.

Cheers

Steve

 

[Guest]

You may want to read the thread here on Britmodeller;Clearing bank hacked - card details stolen - Britmodeller.com

as well as the one on ARC;

credit cards on Hannants compromised - ARC Air Discussion Forums

As it does appear the 'problem' is widespread,not just here in the UK,but the US & other countries.Even tho I have a debit card,I always use a top up credit card for online shopping.Safest way IMHO.

This is the one I use & it's free.

O2 Money

Looks as if I have been hit for a £20.00 charge to 02 prepay slough.gbr which made no sense to me until I read the above, have advised my card company.

 

[Guest]

Looks as if I have been hit for a £20.00 charge to 02 prepay slough.gbr which made no sense to me until I read the above, have advised my card company.

I'm glad I posted it then!looks like they were about to go for the jugular after the £20 one,although it does seem in the threads that O2 have gotten a lot of transactions...I wonder if the is possibly any value in that the perps would have to have a O2 number to buy top up's...Hopefully they've been stoopid enough to provide real details to O2...

 

[John]

Just got an update

Dear Customer,Investigations are still on-going but so far no problem area or trace of illegal entry can be found anywhere. How the card numbers were taken is still a mystery. Two firms are still looking at everything and we hope to have their reports in soon. For now we are still not prepared to fully re-open the website.

We have PARTIALLY re-opened the website. We have done this so you can check that we are telling the truth that the card details have been removed and so that you can use all the other parts of the site. We suggest that while you are logged in you also check any items that are on back order and/or in your cart and adjust as required.

Currently you cannot enter new card details at this time or send orders to us but most other facilities are still operating as usual.

We have temporarily stopped sending out back orders just in case sending the data that goes with ordering is where the problem is. We have been told that it is encrypted everywhere and is not a problem area so now we do not think it is but we need to be certain.

TELFORD SHOW ORDERS. To send us an order for collection at the show please add a Collect from show address with your name on as usual, add what you want to buy to your cart as before BUT then email us to say it is there in your cart. We will then download it and have it ready for collection and payment at the show. You do not pay until you collect so we do not need any payment now.

MAILORDERS. WE CAN NOW ACCEPT ORDERS THIS WAY... Please put your order in the cart as normal then TELEPHONE or FAX us with your card details. We will then download your order and attach the card details to the order. We will then be able to process your order. Our email is not secure so we cannot recommend you send your card details that way.

Please be aware that the cart only 'remembers' items if they are actually saved in the cart. Items in the Quick Order only do not get saved.

We will email more information as soon as we can. Quite a few customers have told us that they are on the emailing (Hot News) list but have not received an email from us. We think this is because they are being stopped as spam. Mostly the customers are with Hotmail, Yahoo, AOL and of course BT. If you can pass our emails to any of your modelling friends please do.

Everyone at Hannants would like to say a massive 'thank you' for the emails, and phone calls of support, help and encouragement you have sent us. With the exception of about 8 people your support has been fantastic.

Congratulations should also go to the worlds banking system who seem to have spotted and stopped the majority of the charges before they got to the customer.

As has already been said the big plus was that they warned their customers as soon as they identified a problem, this email says you can fax your credit card details to them, that is probably the most unsecure way possible. :redface:

 

[Guest]

I'm glad I posted it then!looks like they were about to go for the jugular after the £20 one,although it does seem in the threads that O2 have gotten a lot of transactions...I wonder if the is possibly any value in that the perps would have to have a O2 number to buy top up's...Hopefully they've been stoopid enough to provide real details to O2...

Hi Merv, thanks for your help, have cancelled my card and awaiting a new one - a real pain, but I will get my money back. Thanks again Cheers Derek

 

[Guest]

I think considering the effort Hannants have gone to in order to warn customers and keep them informed, they deserve our support more than ever!

We are in difficult times and the internet has provided a great opportunity to spread business around the globe (my own employer is just about to launch an e-commerce site). The means by which payments are taken is NEVER going to be foolproof. As soon as a secure system is created by one person, another hacks it, that's just the way it is sadly.

Our only really secure way to trade is with physical money at our local model shop........trouble is, we want stuff that isn't available from there so we have to go online.

 

[Guest]

Just had a call from my card company's fraud dept; they've spotted some unusual activity and stopped the card. Suffice to say, the activity wasn't mine, and runs into well over £1000. I won't be using Hannants again.

 

[AlanG]

Just found mine has been used as well. Not happy as it's £514

 

[Guest]

Not connected to the Hannants hack but my card was hacked at the weekend. Not happy at all,bank and police are investigating the matter. zzzzzzz

Tony..

 

[stona]

It seems a lot of cards have been compromised. Several friends and colleagues are in the same boat as me and most of them have certainly never ordered anything from Hannants. I think their has been a major security breach up the banking chain. I've heard nothing in the press or other media which does make you wonder if the true extent of the problem is being,shall we say,disguised.

Cheers

Steve

 

[Guest]

I think it is third party and nothing to do with Hannants. They have issued updates stating that they are now confident that no details were taken from them. I think Steve is right, this is an incident that we happen to tie into Hannants simply because they had the balls to announce what they thought was a problem with them. Any central banking system that processes cards is going to be targeted. What annoys me is when they ship these, and call centres holding far too much details on people off shore where the security is lower and the corruption is higher.

I know that data held in this country is never 100% but the amount of data sold from Asian countries that have no cover from the Data Protection Act and no comeback to people who's data has been sold.

 

[Guest]

I go on a US modelling motor racing forum site called F1M and a few of their lads have been done also , to me this is a worldwide problem I believe not just in the UK , the banks and credit card companys are covering this up without a doubt, there are major problems happening at the moment that they can`t sort out

Richy

 

[stona]

Rumour has it that a card clearing bank was hacked by some Korean criminals. I'm guessing that would be South Korea.

I agree,Graham,that Hannants deserve a lot of credit for being so up front about a problem that turned out to be nothing to do with them. I suspect a lot of people feel that way which will make a potential PR disaster into quite the opposite.

Steve

 

[Guest]

My CC info was compromised too, but my bank had already blocked it so no harm done. The thing is that it's more than 6 months ago that I placed my last order with Hannants and still the payment clearer kept my info - quite worrying. Yes, I could decide to not buy from Hannants again, but how would I know if the other E-Shops don't used the same payment clearing service. Or even worse that more payment cleares are just as negligent? That sort of bombs my e-Trust back to new-years eve 1999. I for one do not blame Hannants.

/Daniel

 

[Guest]

I don't think anyone can "blame" Hannants but I'm fairly sure that some will think "why take the risk?", sad

An attempt has been made on my card too, for the massive sum of £1, the bank spotted it and stopped all non-PIN transactions imediately

I like Paypal, the sooner they get it sorted the sooner I'll be back on their website

 

[stona]

An attempt has been made on my card too, for the massive sum of £1, the bank spotted it and stopped all non-PIN transactions imediately

I'm told that this is common practice. The criminals sell on the card details to others who will then test the card,usually with a small transaction. If that slips under the radar they will then go for the big pay off. That's when you suddenly find that you have bought flights to India or expensive computer hardware! This according to my brother who is a copper,though this is not his specific field.

I've often wondered how a criminal would pay for stolen card data,presumably not with a credit card!

Cheers

Steve