Jump to content

credit cards on Hannants compromised


Recommended Posts

I have seen those recently here in Canada, and have been eyeballing getting one for online purchases.

Anyone have experiences with them? Do they work exactly like a normal credit card (other than the incursion of debt)?

Yes they do mate.They are brilliant as you cant spend over the amount you put on the card.For example,AOL tried to take more than they were entitled to off my old one,it was declined & AOL ended up with egg on their face because the was'nt enough funds on it.They're also bloody useful if you go on holiday.you load it up with,say, £500/$500,.Your card get's stolen & say you've spent £350/$350,then all you've lost is £150/$150 & you dont have to go thru the hassle of cancelling credit/debit cards.

Link to post
Share on other sites
I have seen those recently here in Canada, and have been eyeballing getting one for online purchases.

Anyone have experiences with them? Do they work exactly like a normal credit card (other than the incursion of debt)?

I cant speak for Canada, but I use a similar system when shopping online. It generates a temporary but otherwise valid CC with number, expiry date and CCV, with a fixed amount of cash. Never had a merchant refuse it so far in Europe, the US, or Asia. Also since it takes funds out of your current balance, no interest is paid.

Its safer because:

1) Its only valid for a month

2) Since you use a fixed amount, defined for each purchase, after the merchant takes their part, usualy only a couple of euros remain, so thats the max you can get stolen.

3) There is also a daily amount that cannot be exceeded, which is defined in a atm (using your debit card), or optionally at your home banking site.

That is to say, if your daily max is 100€, you can generate as many cards you want in a day, but their combined value has to be bellow 100€.

So even if a nefarious party gets hold of the password/username combo used to generate the cards, there is some damage control.

You, and everyone else in this thread, should really investigate such solutions. I know I would not even consider online purchases with a conventional CC.

And I just made my first Hannats purchase this Saturday!!!!

Link to post
Share on other sites
I cant speak for Canada, but I use a similar system when shopping online. It generates a temporary but otherwise valid CC with number, expiry date and CCV, with a fixed amount of cash. Never had a merchant refuse it so far in Europe, the US, or Asia. Also since it takes funds out of your current balance, no interest is paid.

Its safer because:

1) Its only valid for a month

2) Since you use a fixed amount, defined for each purchase, after the merchant takes their part, usualy only a couple of euros remain, so thats the max you can get stolen.

3) There is also a daily amount that cannot be exceeded, which is defined in a atm (using your debit card), or optionally at your home banking site.

That is to say, if your daily max is 100€, you can generate as many cards you want in a day, but their combined value has to be bellow 100€.

So even if a nefarious party gets hold of the password/username combo used to generate the cards, there is some damage control.

You, and everyone else in this thread, should really investigate such solutions. I know I would not even consider online purchases with a conventional CC.

And I just made my first Hannats purchase this Saturday!!!!

Just so you know,the one pinguis is on about is slightly different to the one I am on about.

Edited by spike7451
Link to post
Share on other sites

Well.. that's a shame. I've ordered from Hannants a few times. The reality is that no website or system is 100% secure, but it's more secure than other types of transaction (giving your CC# to the pizza guy over the phone for example).

I make a daily stop at my bank website to check everything is okay so I would know pretty quickly if something happens.

Link to post
Share on other sites

A unsecure credit card experience, such as the one being said about Hannants can be a death knell for a internet company. I hope they get it patched, and make everything good for their customers. Eating a little money now will pay them dividends in the future.

Link to post
Share on other sites

So THAT'S what happened! I got zinged as well.

I did my first order with Hannants last weekend and on Friday I got a call that there were two charges. One was $2.42 (presumably to check that the number worked) and the second one was a $342 charge at Macy's. The fraud people stopped the second one cold, presumably because I didn't have that much in my account. So it got stopped and I just had to spend a slightly inconvenient stop at the bank to have that debit card fully cancelled and the paperwork filed for another one. Thankfully, it didn't do much damage as I don't use that account for automatic bill pay and my other accounts I use online are secured in other ways. So once I get the new card, I should be fine.

All things considered, it appears that the fraud protection with our card issuers did work in this case. The results are scarey, but I would rather find out now then see these charges on a bank statement months from now.

I plan to order with Hannants again as the order shipped out nice and quick. However, I won't do it until I get assurances that they have stepped up their security a bit.

Link to post
Share on other sites

Whilst I don't wish to make light of a serious situation, the closet conspiracy theorist within me says that it was PayPal that hacked them and passed the info on. Just another step in their plan for world domination mwahhahaha!

Link to post
Share on other sites
I sent Hannants an email to see if they can shed any light on this.

David

Don't prod them too much as they likely won't say anything public until they have something firm. It sounds though like one individual managed to hack the site and sold the numbers to several others, probably at one of the sites that does this sort of thing quite a bit. That is why the charges are appearing all over the place. That sort of thing is tough to catch, but if some individuals did get caught, then the authorities can work up the fault chain to try and shut down the seller of the numbers (if they move fast enough). It can be a darn hard crime to police though at the source point, but at least the buyers of the numbers could get prosecuted if they are in the USA.

BTW, as for the Paypal comment, stow that talk NOW! I have a couple good personal friends who work at Paypal and they VERY actively police fraud BIG TIME. Any hint of something hinky going on and they will shut it down.

My friend told me a story of another employee at the Paypal office where he worked for who used his internal password to snoop around through the Paypal account of a politician who was in the news during the last major election for a national office. Since it was unauthorized, he got called into the management office and fired THAT same day. They take that stuff VERY seriously.

Edited by Jay Chladek
Link to post
Share on other sites

This is quite an alarming thread since I just bought some decals from Hannants (the first time I've bought on-line for some time I might add)

Sorry to hear you guys have been stung. :(

I think I'll give the bank a precautionary phone call today so thanks for the heads-up. :jaw-dropping:

:rofl:

Link to post
Share on other sites
For those of you who have experienced unauthorized charges.... Have they all been large

transactions? Jan Jezl mentions $900 x 2, but recently I had a small charge (less than $2)

that I didn't make. My bank told me that crooks will sometimes make a tiny charge, to

check the account to see if it works, while trying to stay under the radar. I've used

Hannants a few times since they've implemented their new system.

Fot this question - I've got charged 8 times. First there were small charges (0,05$ and around 2$) to check if it works, then big one.

No comments from Hannants, but number of charged people seems to be pretty large.

Link to post
Share on other sites

Is this just something that's happened with people that have made purchases within the last month? My last order was with them was in May of this year and I haven't received any calls about unusual purchases from my CC company. The one thing I did do was to remove the payment method info my profile on Hannants.

Link to post
Share on other sites

I was blaming Book Depository in the UK for the CC fraud I was hit with so I guess I owe them an apology. I apparantly ordered $50 worth of pizza then was flying somewhere on British Airways on Friday night - total of over $2000 in 2 transactions (plus compulsory $1 trial). SO I guess I now know it's courtesy of Hannants. Might send them a nastygram as well.

Link to post
Share on other sites
A question for those who got stung, did you leave your card details on the site, or enter them each time you order? I placed an order at the weekend, very worrying.

I put the information about credit card while registering and didn't delete anything. Hannants claims, they do not store security number of the credit cards. Anyway I strongly recommend to contact your bank as attacker might got information from stored database on hannants (they might have this database in the bank, so also from here) OR from online transaction between hannants and bank OR on the way from you to hannants

Link to post
Share on other sites

At least the CC companies seem on top of this.

I have one CC with a low balence that I use on line so if anyone does steal the details the max I can loose is not great, I will check the statement as this is registered with Hannants.

Julien

Link to post
Share on other sites

I've just received this reply from Hannants.

"Dear Sir,

Your order was charged the instant you sent the order.

Please log in and delete your card details using the option in Your Account.

Dear Sir,

We are very sorry but there is a payment card security problem.

We received a few emails yesterday afternoon and today we have found that there is an actual problem.

Our initial enquiries indicate that the problem is between the company in America that maintains the server and the clearing bank in England that handles the payments and that several other companies around the w are also affected.

The website has been temporarily closed until the problem is sorted out.

The companies that manage the security side of this business are investigating.

When we know what has happened and we have accurate information we will be sending out an email to all our customers.

We are very sorry for this problem.

We will send more information as soon as we can.

Best regards

H.G.Hannant Ltd."

Only problem is, since they've closed the site down, I can't remove my details.

Cheers,

Motty.

Link to post
Share on other sites
I've just received this reply from Hannants.

Only problem is, since they've closed the site down, I can't remove my details.

Cheers,

Motty.

thank you for sharing. And I think, that even if you delete information about your credit card now, it will not help, as attacker already might have it.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
×
×
  • Create New...