Nashbar.com ID Theft

Got the letter ~3 months after my card company contacted me about what it considered bogus charges.

Yes. And I looked back, and see nothing untoward since I got my last new card, so I pretty much disregarded it.

Yes and I did have my CC # stolen.  Fortunately the crooks were pretty timid and only charged me about 4 songs on iTunes (all of which were blocked by my CC company as suspicious).  They used the cc # within a couple days of me placing the nashbar order.   Didn't put 2 and 2 together until the letter from nashbar came.

Will use the 30% discount though!

I had $2000 in bogus charges in March.  Got it all back, but the hassle is always annoying.  Changed cards twice since then.  Got the letter too...at least they did it.  But really 30% off your next order doesn't make up for it.

I started using Paypal's Secure Card which can generate a one-time use (or multiple use) CC # for buying stuff online.  I use it to buy from PBK because of the identity theft problems and have had no issues.

Yes. And they tried the iTunes thing with my card too (which was blocked by my CC company).

So it was a stolen credit card #, not your whole identity, right? I mean, it still sucks, but isn't ID theft way, way worse? I'm asking, cause I just bought something from Nashbar

Correct.  No ssn's involved.

We do!  (Food Lion, Bloom, Reid's, Harvey's & Bottom Dollar grocery stores).  We were pretty tight, but when our sister company, Hannaford Brothers had an ugly breech last year, that really lit a candle under us.  I can't go into details, but I'm one of the leads on the team taking us to an all new level of security.  By year's end our customer's private data will be as secure as it possibly can be.  Probably the most in the retail industry.  If there is a breech, we'll at least be able to spot it fast enough to limit the damage to the number of credit/debit cards transactioned within just a few minutes.  No one every thinks that a grocery store chain would be the target of organized white collar crime.  But we transmit something like 1.5 million credit/debit cards every day through our company.

I can asure you that the laws, rules and PCI are getting considerably tougher and at least my company is going well above and beyond the bare minimum.

I advise people NOT to use debit cards.  They directly link to your checking account and the cards are not as secure as you would think.

Credit cards are safer because the number can quickly be canceled and replaced (as you well know five times this year).  It may be a pain, but it's better than having your bank account emptied.

If you have an online way of checking your cc transactions, check it on a daily basis to look for fraud.

If you don't swipe the card yourself or can't see the card the whole time the clerk runs it,  I would recommend using cash.  Places like restaraunts where the waiter walks away with it can be a bit risky.  It's very easy to quickly clone a card.  Places like retail, grocery, gas, convenience store, etc where you use the card or see the card are safer.

You can relax a little.  At least in some companies (like mine) we have 20+ very paranoid Information Security people who consider themselves "cops".  My counterpart over there spent most of his earlier career in Air Force Intelligence.  He treats information security around here like this place is Fort Knox.

Haven't seen the letter, but I caught wind of this on another forum some time ago.  I sent an e-mail to them and they flatly denied anything was wrong, which I gathered was a lie after reading some of the stories.  I.E. "I got a brand new card and only used it one place... next thing you know bogus charges, pink ring sent to my house, etc."  I know it wasn't them, but their card processor that got hacked(I think), but I'm still very uneasy about ordering from them.  In fact I don't plan on buying from them again.  Nothing has jumped on my card that I've seen, but I'm still worried that my CC info is out there somewhere in someone's hands.  Those single use CC #'s are sounding like the only way to buy things anymore.  

Just got the letter today and now I know why I had to deal with bogus cc charges 3 or 4 months ago.  Really?  Just 30% off?  That makes up for it.

Both of the cards we used at Nashbar were used and then closed in October and December.  We just found out about it. 

Nashbar has annoyed me for awhile with the way they change prices.  I won't shop there again after this.

I got the letter as well. 

I had a number of charges against a credit card back in February, so that card was changed.  I started getting all sorts of crap in the mail that people ordered for me - chocolate covered strawberries, business cards, acai berry diet pills, and some other stuff.  All were cheap intro offers, and I was signed up for recurring "monthly" payments and whatever club it was.  Credit card company took care of all the charges.

Then in March, same thing happened again to my debit card.   Not pleased at all with that because it was quite a hassle to have the money put back in my bank account.

So I was at least happy to know where the theft came from.  I haven't ordered from them in over a year, and don't really plan to again.


Edited by willie05 2009-07-27 3:52 PM

Both my credit and debit card information was stolen, they bought a bunch of crap. They sent me new cards.

When did this breach happen? My credit card company called me some three to four weeks ago (?) to say that there were a number of strange charges that they blocked.  I have ordered from them a number of times but did not get a letter from Nashbar. 

I got the letter, I had some charges in April but I caught it and actually got the charges reversed from the companies where they were made and just cancelled the account.

The companies still sent me the crap that was ordered after they refunded me. I got "lucky" so to speak bc I moved so the address that was on file did not let any charges post, I caught them all while they were pending.

Wow!
I wonder if this is the source of a $3000 plane ticket to Spain on my old card back in Feb?  CC company contacted me ASAP when it was attempted, nice catch.

They blocked my card and sent me a new one because someone tried to use mine to buy a $1.25 New York Times paper back in March.

My husband got the letter yesterday - he just ordered some things from Nashbar a couple weeks ago (and had in the past as well). I didn't get a letter (maybe because I moved somewhat recently), but I did have weird charges show up on my credit card. I purchased some winter riding gear from Nashbar back in the fall of 2007 I believe, and hadn't done any business with them since, so I can't say for sure that's where my info was stolen, but I've never had any other problems. I had only two small charges - one for gglprofit, which after some google searching, I found associated with other ppl who'd purchased via Nashbar. I was also signed me up for a random shopping website, with a monthly fee. I'd never even heard of the place before. Weird stuff. Luckily, I caught it early, and got a new cc #, but it's still a hassle.


Edited by LindaKC 2009-07-28 11:58 AM

just replaced 3 cards, 15 fraudulent charges, most under 10 bucks, more hassel than anything.

yep, I got hit as well, on charge for an online meeting club, plus a $3500 dollar car in Colorado. Looks like discover wrote them all off for me. I'm waiting for the right price on a new trainer, and am going to try to get them to add the 30% to whatever offer is out there as well. It's worth a try.