SDE - payment issues? (excised from Who's Next announcement thread)

[mandrix]

I got hacked a few years ago involving some complicated system involving Google Pay, Amazon, PayPal. The charges actually hit my bank but I was able to head it off.
Yesterday I got a letter from American Clinical Solutions telling me they got hacked. I don't even know who they are, but apparently they had my information on file.

After the hacking incident I changed all my cards to two factor authentification. One of the CC companies did not even HAVE two factor available and I complained loudly. Shortly after it became an option just before I canceled the card. I want to say it was Capitol One but don't remember with absolute certainty.

 

[madscot]

Have any of us in the UK been hacked after using SDE? I haven't, and my purchases have gone via Shopify. I also run Norton 360.

If nobody has been hacked other than in the USA, then may be there is a weak link there, depending on the provider, websites can be mirrored in various locations, so could a hacker have got in only to the mirrored site?

The only cards of mine which have been hacked in the past were linked to the VISA payment system, and they really went for it, took a while to get the money back.

I always use paypal for online purchases, that way the retailer doesn’t have any card details

 

[birrrdy!]

Yeah, I keep getting this consistent monthly drain on my credit card from SDE! Oh wait, that’s my doing…

 

[splinter7]

My credit card has also been hacked after the Who purchase, twice on the same day within minutes of the order, thank you for sharing this as it now clearly points the finger at which purchase was responsible for leaking the information, I would suggest contacting SDE and make sure they are firmly aware of this problem. This was using the PayPal option.

Really? PayPal's claim to fame is never sharing financial information with a seller.

 

[SeeMoreDigital]

Really? PayPal's claim to fame is never sharing financial information with a seller.

Indeed... They don't.

 

[Muppet69]

I’m inclined to believe that SDE should be getting in touch with Shop Pay / shopify and alerting them to these issues. Perhaps more of us should alert Paul about this and let him see this thread.

 

[Frank Lovejoy]

Twenty-four hours after placing my order through Shop and I’m seeing no signs of hacking. I’m in the US, as well, and this is my third SDE order.

 

[JediJoker]

After the hacking incident I changed all my cards to two factor authentification.

To be clear: you mean you enabled 2FA on the online accounts associated with those cards, correct? I'm not aware of any card issuers offering 2FA at point-of-sale. Too many disparate systems to make that feasible.

 

[DuncanS]

To be clear: you mean you enabled 2FA on the online accounts associated with those cards, correct? I'm not aware of any card issuers offering 2FA at point-of-sale. Too many disparate systems to make that feasible.

On this side of the pond I'm regularly asked to enter a code (sent via email/text) from my card issuers to confirm a purchase is valid, even happens via PayPal, sometimes PayPal sends a code followed by another one from the card issuer

 

[SeeMoreDigital]

On this side of the pond I'm regularly asked to enter a code (sent via email/text) from my card issuers to confirm a purchase is valid, even happens via PayPal, sometimes PayPal sends a code followed by another one from the card issuer

That's a very good point. PayPal aways send me a 4-digit confirmation number via a text message.

 

[stoopid]

On this side of the pond I'm regularly asked to enter a code (sent via email/text) from my card issuers to confirm a purchase is valid, even happens via PayPal, sometimes PayPal sends a code followed by another one from the card issuer

I believe this can be enabled with US based card companies as well. I don't personally use it as a default for each transaction, but I have seen an extra layer (text confirmation) if the purchase amount is unusually high or if I hadn't used the card in a long time.