MonoPrice Hacked, CC Info Compromised?

Yeah, it's weird how some require it and some don't. It kind of defeats the purpose if the CVV isn't required all the time.

As I remember, the only thing required to process a credit card transaction is a credit card number. All other information is requested by a merchant to evaluate the transaction risk and may affect the cost of transaction.

For example, there are very high bank fees for processing transactions with manually typed CC numbers vs scanned from the physical card.
Same applies to processing transactions without a correct billing address or missing CVV.

After all, it is the merchant who suffers a loss if the transaction is fraudulent.
 
As I remember, the only thing required to process a credit card transaction is a credit card number. All other information is requested by a merchant to evaluate the transaction risk and may affect the cost of transaction.

For example, there are very high bank fees for processing transactions with manually typed CC numbers vs scanned from the physical card.
Same applies to processing transactions without a correct billing address or missing CVV.

After all, it is the merchant who suffers a loss if the transaction is fraudulent.

Thanks for the clarification. So it's up to the e-tailer/retailer on how much info. they need from the CC. I know at a store, sometimes they require a signature and sometimes they don't. I guess that also impacts their transaction cost? Maybe the CVV on-line is the equivalent of a signature at a B&M store in terms of security against CC fraud?
 
sites/stores etc shouldn't even be legally allowed to STORE this info anymore... use it for the current transaction and purge it. they have no reason to keep the info, and if people are going to complain they need to reenter it tfb

QFT +1
 
Looks like they confirmed it.

http://www.monoprice.com/home/view_notice.asp
Information Regarding Apparent Theft of Credit Card Information from Monoprice
(Last updated: March 31, 2010 8:20PM PT)

In early March 2010, we received reports from customers that credit card accounts they used to make purchases through our website had later been used to make fraudulent purchases from other vendors. When we received these reports, we took our website offline and promptly examined our computer network to determine if there were any indications that we had been hacked. We hired computer forensic investigators to help us. We identified suspicious files on one of our web-facing servers and asked the investigators to focus on those files. The investigators determined that thieves had penetrated that server. They determined that the thieves had probably intercepted and copied credit card data as we processed transactions.

Working with the investigators, we have preliminarily determined that thieves may have copied approximately 28,500 sets of card information from customers who shopped on the Monoprice website from February 23 through March 5, 2010. The thieves may also have copied about 6,500 additional sets of card data regarding orders customers canceled after they gave us their card information. We provided the card numbers of the potentially affected accounts to our credit card processor, who will provide the card numbers to the credit card associations. We understand the card associations will notify the banks or other financial institutions that issued the cards about the potentially compromised accounts and the financial institutions will determine what actions to take regarding the accounts.

We hired Kroll Fraud Solutions to send letters to each of the potentially affected customers about the apparent theft. Kroll will offer its ID TheftSmart™ fraud prevention services to those customers at our expense. If your credit card information may have been stolen by the thieves, you will receive a letter from Kroll within approximately one week to 10 days.

Before we put our website back online, we rebuilt our website using new hardware and software and strengthened the security measures we use to safeguard the credit card information. We are continuing to work with a security consultant to ensure that we are taking the appropriate steps to safeguard credit card information.

We truly apologize for any inconvenience and concern the apparent theft of credit card information from Monoprice has caused our customers.
 
^^^

This is why monoprice will get my business again.

1) Find fault
2) Apologize
3) Correct the problem
 
Looks like they confirmed it.

Thanks for the update. I see the note was posted by CEO Jong S. Lee. I hope he does take this as seriously as his message indicates MonoPrice is.

It's also good to know that only those who made CC transactions between Feb. 23 through Mar. 5 are affected as opposed to anyone who has made CC transactions w/ MP.
 
Wish they responded to my emails though, they said they would contact me, but didn't. My credit card was compromised and wasn't fun. At least everything seems fine now, and hopefully I'll get the letter soon, and be able to close this.
 
did anyone pull their credit history to check if any new cards were openned under your name?

No but I did mention to the bank what happened, I believe they only got the credit card numbers, not all of it. At least I hope, waiting for my letter.
 
I found a $345.49 charge to Newegg on my account today. Apparently it was for a JVC Video Recorder. Unfortunately for the 'would-be' recipient Newegg had suspicion and cancelled the order. Also, unfortunate for 'would-be' thief, this is a felony and my local authorities will be contacting the local authorities where the item was to be shipped.

Word of the wise, keep your eyes peeled, or better yet get a new card from your bank.
 
just placed an order there a few days ago, then again I used paypal, not sure if that changes anything. Monoprice is THE place I got to for cables
 
My card hit as well

Charge to Englishtown.com for 49.00
and several international charges of 13.63 to:
AT BOX OFFICE FZ LLC DXB
 
Is MonoPrice still having CC issues or are those who used CCs on MP's site when it was vulnerable getting late fraudulent charges?
 
just wanted to add that I got my cc # stolen and used to buy airline tickets. seems that it is resolved at this point. my cc info was not saved on their server but I made a purchase a week before the announcement and was likely stolen at that time.
 
Think the hackers might have been able to lift email addresses and passwords? When I heard of this I had my credit union issue me a new credit card and placed a credit alert in my credit file. Just recently, my email account was hax0red from an IP address in China. Just found that my email password and my monoprice.com userid/password were identical. Grrrrrrrrrrrreat!
 
Think the hackers might have been able to lift email addresses and passwords? When I heard of this I had my credit union issue me a new credit card and placed a credit alert in my credit file. Just recently, my email account was hax0red from an IP address in China. Just found that my email password and my monoprice.com userid/password were identical. Grrrrrrrrrrrreat!

But if you were using the same passwords for both, shouldn't you have already been aware of this fact?
 
My card has undoubtedly been compromised as a result of this hack. Went to my credit union to get the card replaced before I have to deal with chargebacks and all that, and they refused unless I agreed to pay $5. I have to have money stolen from me before they'll do anything. They didn't seem to understand even the basics of credit card theft, or how it works. /sigh
 
don't mean to thread necro but I ordered an hdmi cable and right angle adapter from monoprice on June 9th and a day later my bank was contacted regarding a compromised merchant. In all my years of using paypal I have never had an issue like this.
 
don't mean to thread necro but I ordered an hdmi cable and right angle adapter from monoprice on June 9th and a day later my bank was contacted regarding a compromised merchant. In all my years of using paypal I have never had an issue like this.

The vendor sees nothing but a payment when you use PayPal. No cc info is given by PayPal. It is wholly unrelated.
Sorry to hear of your issue.
 
I ordered from MP almost 2 weeks ago. So far, my CC looks good, knock on wood. :cool:
 
Back
Top