Jump to content

credit cards on Hannants compromised


Recommended Posts

got nailed too, used hannants on 3rd october. monday evening card was used for £1.81 at servumarket (whatever the hell that is) card cancelled. will this stop me shoping at Hannants. NO. will this make me be more careful with online detail. YES. Other then that jan..jeez man thanks for this thread never would of noticed otherwise, got my e-mail from hannants yesterday. Now in talks with the fraud department.

Link to post
Share on other sites

Perhaps bad news again. First I didn't pay attention as it looked like one exceptional case. But now I know about 4 cases of people, who were on hannants 3 and more months ago (they claim it was before new webpage was put in). Three of them were charged last or this week, the fourth in July. It might not be connected to this case, but four times...

Edited by Jan Jezl
Link to post
Share on other sites

Just got the call from my bank.

I got hit in three times, $1 then $591 and $542.

The bank canceled my card and is sending a new one, I'm not a fan of banks (mine included) but I'm glad they caught this.

I just hope it was the only card I used at Hannants.

The last I bought anything from them was a long time ago, very early 2010 or possibly even last year.

Andy's post about never using his card at Hannants is worrisome.

Link to post
Share on other sites
The last I bought anything from them was a long time ago, very early 2010 or possibly even last year.

Andy's post about never using his card at Hannants is worrisome.

Fifth case. Please, write also to Hannants. BTW, since purchase from Hannants have you used your credit card on internet? As the data might been stolen from different transaction (Andy's case)

Link to post
Share on other sites
Phone call from Banks Fraud Department - querying a few transactions:

First 3 recent transactions check out OK, 4th transaction carried out this morning however was for 97p in USA not OK.

Card Cancelled, new one on the way.

Of note - Card was never used at Hannants so it seems it is down to any CC or DC transactions carried out in the last few weeks.

Thats becasue it was not Hannants which got nailed, it was the payment server in the US which links to the UK clearing bank.

It is probably not too much to assume that Hannats would be a common thread with the people here and on Britmodeller, but I know others in the UK who just got nailed and they are not modellers.

Looks like it could be any online transactions which go through this server.

Julien

Link to post
Share on other sites
Thats becasue it was not Hannants which got nailed, it was the payment server in the US which links to the UK clearing bank.

Julien

Hi Julien,

Can you tell me the source of this info?

Link to post
Share on other sites
Hi Julien,

Can you tell me the source of this info?

Steve

I remember reading that tidbit of info from Hannants themselves. I believe it was in an email to the customers. My friend here in Canada got hit yesterday with a $1.53 charge. So far my card looks good but I have not used Hannants for over a year. Also, I am not sure if it matters, but I enter my card info each time i place an order and do not keep on the site.

Link to post
Share on other sites
Thats because it was not Hannants which got nailed, it was the payment server in the US which links to the UK clearing bank.

That was my reason for posting, seeing as Hannants were getting some negative publicity, when it probably has nothing to do with them directly.

Link to post
Share on other sites

Investigations are still on-going but so far no problem area or trace of illegal entry can be found anywhere.

We have partially re-opened the website though we are still not accepting orders. We have done this is so you can use all the other parts of the site.

We will add more information here as soon as we can and also we will send it by email. Please be sure you are on the emailing list if you have not yet received an email from us.

Websites back up

Edited by sweaty
Link to post
Share on other sites

I wouldn't call this whole situation "negative publicity" for Hannants necessarily as I have yet to see the rash of "thats the last time I order from them again" comments as one might see with some other online vendors. Will this whole thing affect their business? Probably. But if Hannants keeps doing what they are doing in terms of good product selection, speedy business and good customer service, then this whole thing will blow over after not much longer and things will get back to normal. It could have been much worse as I see it with this taking place during the holiday shopping season when a lot of people are potentially buying gifts online as that type of thing can take a real chunk out of peoples' businesses.

Dave himself chimed in on the Airline Modeling yahoo group and said that while the compromised card numbers they have been made aware of thus far have been for cards used mostly in a four week time period, technically their new website went up and running last April, so that could mean any purchases going back that far might be suspect. They are still investigating though. Apparently, none of the experts and investigators on his end have quite figured out where the leak was sprung yet, but they are keeping things shut down until they know that the problem is fixed. To me, while the people who are using the card numbers seem to be rank amatuers (hence the fraud is detected almost right away), whomever pulled off the hack seems to be pretty good at what he did in staying undetected for a long period of time.

Link to post
Share on other sites
Just got an email from Hannants saying they've sent this email again since they heard that many people didn't get one in the first place. Way to go! :thumbsup:

Yes, thanks God. But on another hand - it took them almost 2 full days. The reason was that many people (including me) were not registered on separate eMail list, but only in shop and Hannants sent warning only to this eMail list. Unfortunately, the shop was the thing which mattered...

Anyway, I hope, they will find not only the leak source, but also the thief...

Link to post
Share on other sites
They've reopened the site but are not taking payments yet. I ordered decals from them on the weekend and still haven't seen anything untoward on my cc.

I ordered on Sunday and got some much-needed stuff through today. Have renewed the plastic as a precaution, but it seems no scumbags have hit the old number. Sympathy to Hannants - as others have said, sign of their success.

The one git for me is I really want one of these :thumbsup:

Link to post
Share on other sites

Just in from the big H

Dear Customer,

Investigations are still on-going but so far no problem area or trace of illegal entry can be found anywhere. How the card numbers were taken is still a mystery. Two firms are still looking at everything and we hope to have their reports in soon. For now we are still not prepared to fully re-open the website.

We have PARTIALLY re-opened the website. We have done this so you can check that we are telling the truth that the card details have been removed and so that you can use all the other parts of the site. We suggest that while you are logged in you also check any items that are on back order and/or in your cart and adjust as required.

Currently you cannot enter new card details at this time or send orders to us but most other facilities are still operating as usual.

We have temporarily stopped sending out back orders just in case sending the data that goes with ordering is where the problem is. We have been told that it is encrypted everywhere and is not a problem area so now we do not think it is but we need to be certain.

TELFORD SHOW ORDERS. To send us an order for collection at the show please add a Collect from show address with your name on as usual, add what you want to buy to your cart as before BUT then email us to say it is there in your cart. We will then download it and have it ready for collection and payment at the show. You do not pay until you collect so we do not need any payment now.

MAILORDERS. WE CAN NOW ACCEPT ORDERS THIS WAY... Please put your order in the cart as normal then TELEPHONE or FAX us with your card details. We will then download your order and attach the card details to the order. We will then be able to process your order. Our email is not secure so we cannot recommend you send your card details that way.

Please be aware that the cart only 'remembers' items if they are actually saved in the cart. Items in the Quick Order only do not get saved.

We will email more information as soon as we can. Quite a few customers have told us that they are on the emailing (Hot News) list but have not received an email from us. We think this is because they are being stopped as spam. Mostly the customers are with Hotmail, Yahoo, AOL and of course BT. If you can pass our emails to any of your modelling friends please do.

Everyone at Hannants would like to say a massive 'thank you' for the emails, and phone calls of support, help and encouragement you have sent us. With the exception of about 8 people your support has been fantastic.

Congratulations should also go to the worlds banking system who seem to have spotted and stopped the majority of the charges before they got to the customer.

Best regards

Hannants.

Anyone owning up to being one of the 8!

Julien

Link to post
Share on other sites
Hi Julien,

Can you tell me the source of this info?

Dear Sir,

We are very sorry but there is a payment card security problem.

We received a few emails yesterday afternoon and today we have found

that there is an actual problem.

Initial enquiries indicate that the problem is between the company in

America that maintains the server and the clearing bank in England that

handles the payments and that several other companies around the world

are also affected.

The website has been temporarily closed until the problem is sorted out.

The companies that manage the security side of this business are

investigating.

When we know what has happened and we have accurate information we will

be sending out an email to all our customers.

We are very sorry for this problem.

We will send more information as soon as we can.

Best regards

H.G.Hannant Ltd.

This was from the other day Steve.

Julien

Link to post
Share on other sites
This was from the other day Steve.

Julien

Thanks Julien. That info was somewhat pre-mature in this situation and I think it was impossible at that early stage or even now to narrow down the cause of this.

They are doing all they can to deal with this situation and they are sending out e-mails to their customers to keep them fully informed. Hannants is very much a victim in this whole mess and they have my full support while they work their way through.

I appreciate that many of us have a deep loyality for Hannants and I think it is important that we keep a cool head and let them work their way through this unfortunate mess.

Hannants is on top of the ball dealing with this and that gives me full confidence.

Link to post
Share on other sites

Yes,

seems like they are having a problem finding the hack. If you are good enough to do this kind of hack then you are probably good enough to hide what you have done.

Sad state of affairs but this is the new crime, seems more and more this type of thing is happening.

Julien

Link to post
Share on other sites

Bad luck for me... I actually got nailed for around 320 GBP on my debit card here in Poland... My bank had tried to contact me earlier today but I couldn't answer the phone and the transactions went through.

The three unathorised transactions are still waiting to be processed and it's possible that the money will not be debited at all. If it is debited, I was told to inform the Police so that insurance proceedings can commence.

One important point - the whole issue concerns not only people who have bought anything at Hannnants in the last few weeks.

My one and only purchase from them was on the 22nd April 2010.

Shame. :-( You thought online shopping was really safe. Turns out it's not.

Link to post
Share on other sites
got nailed too, used hannants on 3rd october. monday evening card was used for £1.81 at servumarket (whatever the hell that is) card cancelled. will this stop me shoping at Hannants. NO. will this make me be more careful with online detail. YES. Other then that jan..jeez man thanks for this thread never would of noticed otherwise, got my e-mail from hannants yesterday. Now in talks with the fraud department.

Well, now you can add me to the list. I was hit for 4 charges today, two charges of less than $5 (US) with coldcoffee.com & netflix.com. Then two larger charges for dell.com & zappos.com. Total so far $97 (US).

I only received the email from Hannants this afternoon at 2:30pm EST and received 3 others shortly after that initial email. Needless to say, ONLY due to the fact that Jan started this thread on Monday the 27th, was I aware of the potential breach. Anyway, I cancelled my card with Chase today, after they refused to cancel it yesterday, as there was no indication of fraud at that time. Since I had $10,000 available on that card, I am pretty shocked that they only hit it for $100. I suppose that they would have gotten more, if I hadn't been watching as closely as I was.

Now to the crux of the matter. While I do not for a second as I have said before, blame Hannants for the criminal activity. I am pretty PO'ed that it took THREE days for Hannants to finally send me emails detailing that my card details might be at risk. That amount of time is an eternity in the internet world and it was, as I said ONLY due to Jan's posting of this topic 3 days ago, that I was even aware of the situation and monitoring it as closely as I was.

Additionally, as I explained to Hannants a short while ago, I have not used my card with them in probably 5 months or so. I think it was actually prior to the new site opening, but I cannot be absolutely sure. So the ONLY way for anyone to have accessed my details would have been through their site and ONLY through their site not the credit card processor or anywhere else. I had deleted my details upon reading this thread on Monday, but apparently the crooks had already gotten my CC details. I can say this much, if you had your details stored on Hannants site, recent purchase or not, your card WILL be hit, I pretty much guarantee it. Call your card issuer and attempt to shut that card down. If the bank gives you static, as they did me yesterday (mainly they don't want the unnecessary expense of making a new card I guess), tell them of the LARGE number of people from associated with Hannants that have been ripped off and hopefully they'll agree to void it and issue a new one, before you get hit.

Lastly, again Jan thanks very much brother! If we ever meet in person, the next 3 or 4 rounds are on me!

EDIT: The Official last date of purchase from Hannants was May 12, 2010 (information from my order history on Hannants).

Edited by madmanrick
Link to post
Share on other sites

Hi to all: I have suffered the same attempt to charge my card as most of you here, VISA cancelled my card and will give me another one, I´ve bought from Hannants 1 month ago...I´m located in Argentina, so, it seems this problem will affect all Hannants customers....I received their e-mail too explaining that they have erased all the credit card data, but the attempt to charge my card was made 1 hour ago, after Hannats deleted all the card info...hope they can find out what has happened...my best wishes to them.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
×
×
  • Create New...