Yeah, it's weird how some require it and some don't. It kind of defeats the purpose if the CVV isn't required all the time.
As I remember, the only thing required to process a credit card transaction is a credit card number. All other information is requested by a merchant to evaluate the transaction risk and may affect the cost of transaction.
For example, there are very high bank fees for processing transactions with manually typed CC numbers vs scanned from the physical card.
Same applies to processing transactions without a correct billing address or missing CVV.
After all, it is the merchant who suffers a loss if the transaction is fraudulent.
Information Regarding Apparent Theft of Credit Card Information from Monoprice
(Last updated: March 31, 2010 8:20PM PT)
In early March 2010, we received reports from customers that credit card accounts they used to make purchases through our website had later been used to make fraudulent purchases from other vendors. When we received these reports, we took our website offline and promptly examined our computer network to determine if there were any indications that we had been hacked. We hired computer forensic investigators to help us. We identified suspicious files on one of our web-facing servers and asked the investigators to focus on those files. The investigators determined that thieves had penetrated that server. They determined that the thieves had probably intercepted and copied credit card data as we processed transactions.
Working with the investigators, we have preliminarily determined that thieves may have copied approximately 28,500 sets of card information from customers who shopped on the Monoprice website from February 23 through March 5, 2010. The thieves may also have copied about 6,500 additional sets of card data regarding orders customers canceled after they gave us their card information. We provided the card numbers of the potentially affected accounts to our credit card processor, who will provide the card numbers to the credit card associations. We understand the card associations will notify the banks or other financial institutions that issued the cards about the potentially compromised accounts and the financial institutions will determine what actions to take regarding the accounts.
We hired Kroll Fraud Solutions to send letters to each of the potentially affected customers about the apparent theft. Kroll will offer its ID TheftSmart fraud prevention services to those customers at our expense. If your credit card information may have been stolen by the thieves, you will receive a letter from Kroll within approximately one week to 10 days.
Before we put our website back online, we rebuilt our website using new hardware and software and strengthened the security measures we use to safeguard the credit card information. We are continuing to work with a security consultant to ensure that we are taking the appropriate steps to safeguard credit card information.
We truly apologize for any inconvenience and concern the apparent theft of credit card information from Monoprice has caused our customers.
Looks like they confirmed it.
Think the hackers might have been able to lift email addresses and passwords? When I heard of this I had my credit union issue me a new credit card and placed a credit alert in my credit file. Just recently, my email account was hax0red from an IP address in China. Just found that my email password and my monoprice.com userid/password were identical. Grrrrrrrrrrrreat!
don't mean to thread necro but I ordered an hdmi cable and right angle adapter from monoprice on June 9th and a day later my bank was contacted regarding a compromised merchant. In all my years of using paypal I have never had an issue like this.