So on last Thursday I received a call from one of our credit card banks, following up on suspect charges that were flagged by its computer system. The security agent asked us about 3 charges and if we made them earlier that day? Answers: no, no, no. Two were made at a Wal Mart and one at another place, its name didn't ring a bell.

The bank agent then told us our CC info must have been compromised and they'd cancel the card and re-issue new ones with a different number of course. Wife and I wondered how that happened and narrowed it to only two internet vendors where we’d used that CC in the previous week or so. One of them was Ballistic Products and that shipment arrived on Friday.

Today we received an email from BPI on a "Data Incident" and I've copied the pertinent info below. FYI in case you bought something from BPI recently.

> The purpose of this email is to make you aware of a data incident experienced by one of our third-party vendors that may have resulted in the disclosure of payment card information of some of our customers. The vendor of this service has launched an independent investigation with the help of national cybersecurity experts. At this time, we have received only limited information as the vendor’s investigation remains ongoing. BPI and our vendor take the security and privacy of your information very seriously and regret any inconvenience this may cause you.

Our vendor has informed us that it is working with the payment card brands and law enforcement authorities to better understand the scope of this incident. We were notified that payment card brands may be cancelling and re-issuing certain payment cards. Please note that BPI does NOT directly collect or store payment card data in our own computer system. We employ and rely on offsite vendors to safeguard this data. Accordingly, we do not yet have access to the information required to determine which specific cards were impacted and, therefore, we are unable to provide any additional information about those impacted at this time. We anticipate receiving more information from the vendor concerning specific customers who may have been impacted, and we will notify those individuals upon receiving such information.

We appreciate your patience in the coming weeks as our vendor and industry experts work through this complex situation.

Sincerely,
Ballistic Products

Got the same email today…and just checked my card charges over the last few weeks, nothing unexpected (knocking on wood)….

I wouldn't allow ANYONE to reissue a new card or card number to me. I would do it myself without the further risk of more breaches.





.

I wouldn't allow ANYONE to reissue a new card or card number to me. I would do it myself without the further risk of more breaches.


.

Dean, I don't follow your logic. The bank that issued the card that was compromised and is now cancelled, is issuing me the new one. How would that present a further risk of more breaches?

Same thing happened to me. Three charges tried. All for several thousand dollars. My CC holder caught it, locked the card and contacted me. I have held this particular card since the 1970's. It has been compromised 4 or 5 times in that period.Always cancelled and reissued with no charges and no hassle. Because of their track record, I use this card exclusively for online purchases.

I got the BPI email today, so I presume that is where the breach occured.

Ditto for me. Capital One caught the two one dollar charges to Walmart and then a larger
charge. New card shipped two day. I haven't seen an email from BP but a BP shipment arrived on Saturday.

Same here. Fraudulent charge to Walmart for $200+ about a month ago.
Got the email from BPI today. Been several months since I have purchased from BPI.

Dean, I don't follow your logic. The bank that issued the card that was compromised and is now cancelled, is issuing me the new one. How would that present a further risk of more breaches?


You sure it was the bank that did that Frank? I'd want to be the one to initiate such transactions...

Fool me once shame on thee... fool me twice shame on me.





.

You sure it was the bank that did that Frank? I'd want to be the one to initiate such transactions...

Fool me once shame on thee... fool me twice shame on me.


.

Still don't follow you on this Dean. Well when the bank (one of the largest in the US) leaves a message to call them to verify some questionable charges, and I call them using the phone number printed on the credit card, and they ask me answers to the "secret" questions I have on file with the bank, I'm sure it's a legitimate contact. I'm not the smartest guy in the world, but far from being the dumbest.

If you want to reply here about something how about posting to members who've recently bought from BPI and may not have a bank with sophisticated anti-fraud capabilities. Might save them some grief and effort when they get their next CC statement?

Still don't follow you on this Dean. Well when the bank (one of the largest in the US) leaves a message to call them to verify some questionable charges, and I call them using the phone number printed on the credit card, and they ask me answers to the "secret" questions I have on file with the bank, I'm sure it's a legitimate contact.


I don’t recall reading this explanation in your original post Frank. If you had I might not have been as skeptical of the situation.
There are thousands of unscrupulous entities in this world who pretend to be something or someone they’re not just to gain our confidence and steal from us. No apologies that I am one of the most cautious and skeptical people I know.
Sorry if I upset anyone, it was not intentional, but if I’m going to be doing business with a bank, investment firm, credit card company, insurance company, or whatever… please notify me if you suspect fraud but I will initiate a bsiness transaction… regardless of who you SAY you are.







.

These types of incidents have increased dramatically during the pandemic. I get an e-mail or text message about every month and a half "thanking me" for my recent purchase of an expensive desktop or laptop computer. Usually labeled Microsoft or MacBook. An official looking invoice is always included announcing that my credit card (unspecified) will be charged with the balance, and gives a prompt to access the "pay now" toggle. Also being plagued lately on my cellphone with similar messages showing my "balance owing" for shipping in ridiculous amounts ($1.82; $6.71) for something I never ordered. Always directed to another "pay now" prompt to ensure my "order" is released. Scattershot hackers are having a field day with these and other scams lately.

Frank,

Is there a time frame associated with these breaches that you know of?

Thanks for the heads up Frank,

I also recently purchased from BPI, and received their data breach email yesterday.

Thankfully after checking my credit card activity this morning, fingers crossed, but no charges other than the ones I’m responsible for.

Stan Hoover

Frank,

Is there a time frame associated with these breaches that you know of?

Daryl, my next to last order with BPI was about 8 weeks ago and using a different credit card. No problem with that one. The last order was entered about 2-3 weeks ago. That was with the credit card that is now locked. Putting this together, I'd say the suspect period possibly started in late March.

The real question which wasn't addressed in BPI's email is whether BPI used due diligence in selecting that third part vendor to process and probably store CC information. That was (apparently) a fairly recent change by BPI. Over many past orders I used to get a credit card receipt emailed to me by a woman at BPI when she ran my card and a day or so before the order was shipped. But on the last order where the CC number was hacked I didn't get anything from the woman and (apparently) BPI had assigned that task to the third party vendor referenced in its email. :whistle:

My Master Card was hacked in early January and purchases were made with a company in Great Britain in the amount of several hundred dollars. My bank contacted me and helped to find out where these purchases were made… there were even a couple of smaller purchases made in Cal and Nevada. My card was locked and I went to my bank to initiate the issue of a new card. I got the smaller purchases credited to me within days but didn’t get credited for the overseas charges until late in March.





.

The particular card I had compromised was a Bank America Visa. The charge I saw the amount was at Lowe's for over $4000. BOA flagged all three and denied approval. They never made it to my account. They are the best I have seen at nipping these in the bud. The downside is that one time the card was locked while I was on vacation, and was due to a new, but large, purchase I had made.

We've had probably 4 cards, at least, hacked in the last two-three years. Our bank is very good at contacting us regarding any fraudulent charges plus using the online account we can track every charge and check. For instance, we didn't know we were in San Fran using an Uber on New Years Eve. :shock: That's why we really like our bank, never had to fight to get the charge reversed.

The sad thing is someone has got to pay for all those loses that aren't caught . Guess who that is?

Like many of you, I also received the notice from BPI. I checked my recent CC activity and found zero unauthorized purchases. However, several years ago, I had to replace my card 3 times in the course of one year. Unfortunately, it happens. Small grocery purchases in Connecticut, multiple limousine services in California, and 5 nail guns in Michigan. It's a pain in the butt, however the CC company always took care of me.

When buying reloading supplies, etc.I have for the last several years only been paying with a money order mailed to the company where the order is coming from. Most companies will accept a MO. Not as convenient as using a credit card but helps avoid scams.

We have one cc, and one only. It is through a credit union and we've had the card for over 20 years. Never had one fraudulent transaction get past them. There have been times that I got a bit aggravated with them because they would deny a transaction I was attempting to make because they were afraid my card info had been compromised, but in the end I'm grateful.

One time we rode over to a supermarket in a town about 35 miles away, but across the state line in South Carolina. My purchase was denied, but I was able to pay in cash. When I got home I called and asked why it had been denied. The lady said it was because nobody goes into another state to buy groceries. I told her that was ridiculous and asked who made that decision. She replied "An algorithm". :shock: They had cancelled my card and re-issued a new one, based upon that attempted charge. Overly cautious? Nah.

Glad you didn't get burned, Frank.

capital one seems to be really good on watching for suspicious activity -

i had not used that card for months once and used it in a store- my phone rang before I got out the door making sure it was a valid charge. And on another occasion we had traveled without remembering to notify them - used it in a restaurant and got the call before we left the parking lot -

I did get the BPI email, haven't seen anything wrong on any cards - but its been a few years since I ordered from them - it very well be that the data they have on file has expired - new dates and security codes come with new cards

I just had this unfortunate experience yesterday.

I received a text from my bank asking about suspicious activity on my card. Rather than answering the text, I logged into my card account & found three charges I didn't initiate. I was able to dispute the charges online & report the fraudulent activity. The bank immediately locked & cancelled that card & reissued me a new card.

I'm now trying to track down what happened. The only online purchases I've made lately was too midway, amazon & a national plumbing supply house. I haven't ordered anything from BPI in a long time. I do have an online account with them but haven't received any notification from them of a data breech.

Maddening to say the least!!:banghead:

I had several charges on my bank card a while back that I did not make .
Fraud dept of my bank caught one . I found 2 more. Had to get a new card.
Today I got a letter from Numrich Gun Parts stating someone had breached their customer account info about the time I had ordered from them.
Would it be better to use credit cards for purchases instead of Debit Cards?

Dale,
YES! There are so many more consumer protections with a credit card that you don’t have with a debit card. Also, given the fact the debit card is attached to your checking account, the bad guys could clean you out before you knew anything was happening. Granted, you would more than likely get your money back, but it could be a lot more hassle. I always told my customers to never use their debit cards on line.

Dale,
... I always told my customers to never use their debit cards on line.

Absolutely 110% correct! NEVER use a debit card for online purchases!

FYI, our bank just notified us that Master Card had a data breach and they will be issuing new cards. There is no punishment too severe for those hacker bastages!!! :banghead: :cuss: