MonoPrice Hacked, CC Info Compromised?

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
If you have ever shopped at MonoPrice.com, you might want to read this announcement. Although the company says no credit card information was stolen from its network, they released the following statement:

A few of our customers recently reported to us that information from credit cards they used on the Monoprice website had been misused. We promptly began an investigation with the help of expert computer forensic investigators to determine if any card data had been stolen from our computers.
 
Joined
Mar 26, 2006
Messages
707
I hope they get everything figured out. There prices are almost unbeatable with how cheap there cables are. I like how they did however shut down there website so that they can see what went on.
 

RCGodward

Gawd
Joined
Oct 7, 2004
Messages
667
Thanks for the heads up. Checked my order history and was relieved to see that I always used Paypal.
 

Domingo

Fully [H]
Joined
Jul 30, 2004
Messages
20,793
I was apparently one of them. A weird $125 charge popped up on my account at 1AM this morning. Great....just great....
 

TheBluePill

2[H]4U
Joined
Aug 17, 2005
Messages
3,773
Damn Thieves!

Damn Them, Damn Them, Damn Them!

Now i have to go through all the crap to get a new bank card and blah, blah, blah.. all due to Damn Thieves!
 

jandar

Limp Gawd
Joined
Dec 21, 2005
Messages
309
Mine is safe.

Rather use a credit card than paypal anyway. Easier to contest a charge, at least with my bank, and I won't be taking it without lube from paypal again....
 

Term-X

2[H]4U
Joined
Apr 21, 2001
Messages
2,412
I wonder if these breaches only apply to people who "save" their CC info on their store account, as opposed to just CC transactions.
 

hector48

Weaksauce
Joined
Dec 20, 2002
Messages
97
>< I knew it had to be from somewhere, I had to cancel my card late saturday night because a hold try to slip by as an itunes purchase. I bought twice @ monoprice last week.
 

krupted

2[H]4U
Joined
Oct 23, 2006
Messages
3,244
my bank has a "feature" that allows you to over-draw from your checking account, because it takes it out of your saving account. i asked the lady "how is that a feature" and she replied that it wont cost me a $30 nsf charge on my checking account if i go over... and i replied "yeah itll just cost me everything i have in my savings if someone gets a hold of my checking account" she paused for a good 10 seconds and said "yeah, i guess if you look at it that way" :rolleyes:

also why, if i can avoid it, dont leave credit cards on any webite database. im not sure if it matters a whole lot though, im fairly certain the numbers are saved for receipt purposes anyway.
 

Putz

I have a custom title
Joined
Jul 8, 2002
Messages
5,419
sites/stores etc shouldn't even be legally allowed to STORE this info anymore... use it for the current transaction and purge it. they have no reason to keep the info, and if people are going to complain they need to reenter it tfb
 

B2BigAl

2[H]4U
Joined
Mar 23, 2003
Messages
2,076
Man, this shit is getting old. Seems like every week somebody's getting hacked. I shop at monoprice all the time, I guess I'd better keep a close eye on my account. They need to bring back public hangings for the pieces of shit who do this stuff. :mad:
 

Mr. Wolf

Supreme [H]ardness
Joined
Oct 8, 2006
Messages
7,162
I just bought a cable from Monoprice on Monday. I'll keep my eyes on my CC. Thanks for the heads up!
 

Jonathan

Limp Gawd
Joined
May 10, 2008
Messages
132
@deff, What's the securityKey?

Also, a lot more instances of bogus charges are posted on their facebook fan page.
www.facebook.com/Monoprice.com - people are sharing their bogus charges and where they came from, but it sounds like most people were upset that Monoprice has not sent an email or anything giving their customers a heads up. I know they just updated their website with a new message, but from Sunday up until last night, they had a "down for maintenance" message.
 

zalazin

[H]ard|Gawd
Joined
May 12, 2000
Messages
1,650
I ordered some cables on 9 Feb 2010, was hit with close to $600.00 of false charges on the 17 of Feb 2010 on my debit card, Could be there were problems back in Feb.
 

ajira99

Limp Gawd
Joined
Feb 28, 2006
Messages
205
Sounds like Monster got tired of the competition. :D

But it does suck when your card gets hijacked -- happened to me last November and I'm still dealing with idiotic subscriptions to Sports Illustrated, Gevalia and the Disney Movie Club!
 

krupted

2[H]4U
Joined
Oct 23, 2006
Messages
3,244
It's times like this that remind me why I put up with Paypal's BS.

paypal is great when you only use it to buy from stores and trade money as a gift. just dont use it if youre a small store, and stay away from every other function of their service, and its a nice easy way to handle money online. and like you said it does add a little protection.
 

Blauman

[H]ard|Gawd
Joined
Jul 27, 2004
Messages
1,550
Thanks for posting this up. I will need to keep an eye on our bank account, I ordered a good amount of stuff from them about a month ago. Hopefully it turns out to not be true.
 

Blauman

[H]ard|Gawd
Joined
Jul 27, 2004
Messages
1,550
Another thing, I just thought of though. I wonder, assuming they did get hacked, if you don't have your CC info saved into your account are you still potentially at risk? Or are you only at risk if you have them store your CC info?
 

krupted

2[H]4U
Joined
Oct 23, 2006
Messages
3,244
$5 one time fee to have a new paypal passowrd sent to you by text message every time you login? that sounds like a fair deal, i dont get it?
 

Orinthical

[H]ard|Gawd
Joined
Jun 7, 2004
Messages
1,635
$5 one time fee to have a new paypal passowrd sent to you by text message every time you login? that sounds like a fair deal, i dont get it?
Read! :)

Paypal said:
It comes in 2 types, each with different advantages:

1. Security key: You carry this small credit-card sized device with you. It creates a unique security code on the go.
2. Mobile phone security key: You can sign up to get security codes sent by text message to your mobile phone.

Two different options. Option 1 is what I have and love - it's a security token. You press a button and it generates a random number - you use it and your normal PayPal password to log in or use your account. OR you can choose Option 2, which is less secure in my opinion since it's sending over SMS to your cell phone. The benefit of Option 2 is you already carry your cell phone with you - you don't necessarily carry your Paypal RSA token with you.
 

BETA.

2[H]4U
Joined
Aug 10, 2009
Messages
2,906
Hmm one of my debit cards were compromised last week and I had some bogus charges with muslimaid.org, spoof-calling, onesuite, GAP and itunes. I wonder if it has to do with Monoprice because i've been trying to think up how on earth this debit card could have been compromised since I haven't used it/lost it or lent it out to be used for a good while now.
 

keenan

2[H]4U
Joined
Aug 5, 2009
Messages
2,695
Thanks for the heads up, I'll be extra diligent about checking my statement this month.

But seriously, why are these companies even allowed to store CC data at all? Ridiculous.
 

darkpaw

2[H]4U
Joined
May 29, 2008
Messages
2,279
Using a debit card online is a really bad idea imo, traditional credit cards are much better and have better consumer protections. I started using Paypal for Monoprice exclusively after figuring out their website wasn't very secure last year. They store passwords in plain text (easy to see if you use their password recovery). I emailed them about it, but just got a standard canned response. If they scew up something that basic its hard to imagine the rest of their site is very secure.

I just looked through all my previous orders and some of my ones from 2008 are CC, so guess I have to comb through my online statements when I get home.
 

Crucible1001

[H]ard|Gawd
Joined
Apr 7, 2005
Messages
1,611
Paypal + Securitykey = WIN!

Paypal+ virtual debit card = win. With paypal I just create a 1 time use card for each transaction I make online. I also have the ability to cancel a card at any time from my account settings. I have probably used 50 of them already. It is called paypal plugin, but it is in closed beta atm and has been for a couple years. I am not sure why they don't just release it.

If you go to the paypal site it says this, "SORRY, THE PayPal PLUG-IN IS NO LONGER AVAILABLE." Yet, if I go to the page logged in, it shows me several pages. I can check card numbers, remove cards, check history, and even download the latest version, which I did last week.
 

Crucible1001

[H]ard|Gawd
Joined
Apr 7, 2005
Messages
1,611
Paypal+ virtual debit card = win. With paypal I just create a 1 time use card for each transaction I make online. I also have the ability to cancel a card at any time from my account settings. I have probably used 50 of them already. It is called paypal plugin, but it is in closed beta atm and has been for a couple years. I am not sure why they don't just release it.

If you go to the paypal site it says this, "SORRY, THE PayPal PLUG-IN IS NO LONGER AVAILABLE." Yet, if I go to the page logged in, it shows me several pages. I can check card numbers, remove cards, check history, and even download the latest version, which I did last week.

It is this firefox plugin. I just click generate card, log in, and in about 10 seconds I have a new credit card number set for either single or multi use.
 

BETA.

2[H]4U
Joined
Aug 10, 2009
Messages
2,906
It is this firefox plugin. I just click generate card, log in, and in about 10 seconds I have a new credit card number set for either single or multi use.

more info on said plug-in. That sounds pretty cool.
 

Crucible1001

[H]ard|Gawd
Joined
Apr 7, 2005
Messages
1,611
I really hate not being able to edit.

Let me know if it works. It says new paypal plugin, so I assume that means it is new.
 
Top