I Just Had My Credit Card Details Stolen (Confirmed through Discount Drug Stores Online); Check Your Recent Transaction Activity

ronnknee on 11/09/2016 - 18:38
Last edited 14/09/2016 - 17:31 by 1 other user

Today around 2 PM, I was getting several messages from my credit card company, Coles MasterCard, saying to input the security code on the merchant's website for my online purchase. I was thinking, hang on, I didn't make any purchases today… So I logged into my account and checked - about 20 purchases totaling $2000 and my credit limit was down to about $17.

I called up Coles MasterCard to cancel my card and dispute my charges straight away.

I think it's very likely that they'll be able to write off those fraudulent purchases. My concerns are having to fork out extra to pay off the monthly balance, update my direct debits and use other credit cards for the time being.

I didn't think to post my story on OzBargain earlier but someone else had commented in my Discount Drug Stores deal saying that their credit card details were compromised.

Did any of you guys have your credit card details compromised after signing up for the previous Discount Drug Stores deal?
The two cards I used for the deal got compromised not so long after the deal…

Did anyone else have fraudulent activity on their credit card today, and if so, did you use it to pay for your purchases at Discount Drug Stores (at least partially)?

Edit:

Okay, so based on the responses, it seems Discount Drug Stores was the source of the leaks but not everyone were affected..

If you purchased from them and you haven't been affected yet, you may want to cancel your card and order a replacement as a safety measure.

If you purchased from them and you were affected please state the date of purchase so that we can roughly determine which period the card details were leaked. If you've made multiple orders, list the earliest and latest dates.

You can express your concern to Discount Drug Stores and Office Of The Australian Commissioner.

UPDATE: Discount Drug Stores has confirmed that card details have indeed been compromised.

Please be advised Discount Drug Stores recently detected a threat on our website from a third party, aimed at extracting credit card information from some of our customers. We immediately shut down this threat, however we suspect some customers’ credit card details may have been compromised.

No other personal information (e.g. names, addresses, passwords, health records, transaction history) was obtained. Discount Drug Stores systems are fully compliant to all PCI Data Security Standards. We have contacted the Australian Federal Police and are in the process of personally contacting customers who were potentially affected.

We recommend customers check their next credit or debit card statement, and if you have any concerns that a fraudulent purchase may have been made, please contact your bank or financial institution.

Please do not hesitate to contact us direct if you have any additional questions, [email protected]

Facebook Announcement

Financial

Related Stores

Discount Drug Stores
Discount Drug Stores

Comments

  • inherentchoice on 13/09/2016 - 10:43
    +1

    I've just had fraudulent transactions on all three of my credit cards. I don't know how the details were compromised. I think it's either Paypal or perhaps my Xiaomi phone has some malware on it?

    I did get this deal from DDS but that would've only given them one of my card numbers.

  • R3XNebular on 13/09/2016 - 12:28
    +1

    I have a feeling all the details are being shared by multiple offenders probably using some anonymity network like tor. The purchases seem to be everywhere so I assume it's being shared by some hackers.

  • p3t0r on 13/09/2016 - 13:46

    I work in credit cards for a bank and it can be crazy to see some of the fraud that takes place on a daily basis!

    I've been a victim of credit card fraud only once before. I found a transaction for almost $500 at a cigar store in NYC and never authorised it! Thankfully I was able to dispute it and ended up in my favour.

    As some others have mentioned. Check your monthly statements, enable notifications on your banks mobile app for card authorisation's where possible and know your rights to dispute fraud on your account

  • kiveler on 13/09/2016 - 13:47

    Happened to me as well. Same card used for dds toilet paper got hacked into for multiple large online purchases.

    Im a little concerned that if their website is compromised, is there a way to get our details and past transactions wiped from their system?

  • PeeDee on 13/09/2016 - 15:31

    That's scary. Is this only certain banks? Did you guys have to check your statements or are you notified?

  • fruit on 13/09/2016 - 16:50
    +1

    Ring your bank and ask them

    From all the terms I've read a card issuer will not charge interest on disputed transactions.
    The liability lays with the merchant not you. You'll get your money back.

  • LustStarrr on 13/09/2016 - 17:29

    Partner's debit MasterCard details were somehow stolen recently, although we haven't worked out exactly where. Luckily, we make a point of living virtually hand-to-mouth, so most of the transaction attempts were denied, & Westpac has since reimbursed us $ for a few minor transactions which were lucky.

  • PVA on 13/09/2016 - 17:50

    has anyone contacted the discount drug store about it. I wonder if they even know theres a problem.

  • grugz on 13/09/2016 - 18:16

    Exactly the same thing happened to me recently. I bought something from DDS 29 July and then on Friday (9 Sep) some buggers from overseas (?California, Turkey) spent $7300 on my card. Now waiting for the transaction dispute and a new card… such a hassle.

  • Neptunesblood on 13/09/2016 - 18:45

    The fact that it's a "discount drug store" raises red flags to me immediately. But banks are pretty cool these days and will usually refund the money.

  • c64 on 13/09/2016 - 21:21

    it's a pity most banks don't show declined cc transaction attempts in your transaction list. i remember using a mebank visa debit card for a while and it did. i thought it was quite a nifty feature.

  • noskich on 13/09/2016 - 21:41

    Same here, an order was placed for 3,5K at Officeworks with my Westpac card. Luckily, Westpac sent me an SMS with an option to report fraud which I did. The transaction never happened, the card is blocked and I am receiving new cards in 3-5 business days. Thumbs up Westpac!

    Btw, I did manage to get 3 packages of toilet paper for a dollar.

  • sagitox on 13/09/2016 - 21:50

    I purchased one thing from DDS with a MasterCard in May last year. The card I used expired in June this year. I'm pretty sure there wasn't any unauthorised transactions to my knowledge. But that's terrible what happened to some people.

  • GPT4 on 13/09/2016 - 22:08
    +4

    Got stung too. $4000+ fraudulent transaction on my ANZ Visa at Lenovo Aus. Got a fraudulent transaction initially from Easyjet GB but it was reversed the same day potentially by the merchant. I was wondering where the details got leaked from until I stumbled upon this thread..definitely leaked from this store!

    Update: Reported this to Discount Drug Store using the Contact us link on their website and also provided them the link to this thread. I will post if I get any response from them.

  • Food on 13/09/2016 - 22:10
    +1

    Jeepers this is crazy

  • T-man on 14/09/2016 - 08:56

    If you are using Citibank cards, it is uncertain that the DDS or Citibank because Citibank used to steel the customers's money. My card has been stolen by the Citibak staffs who work in their security department.

    • ronnknee on 14/09/2016 - 09:24

      My card has been stolen by the Citibak staffs who work in their security department.

      It's hard to imagine that the personnel would do that. How did you narrow it down to them?

      • T-man on 14/09/2016 - 09:30

        100% they did, I called them to cancel my card and they resent me a new one. I never used it and it continued to have the fraudulent transactions in Euro, bought some TGV tickets in France and airline tickets in UK.

        • leeroys_dad on 15/09/2016 - 03:55
          +3

          Actually, they don't cancel it completely. They cancel the actual card but any direct debits or online transactions will work using the cancelled card number

        • Fake News on 15/09/2016 - 08:18

          @leeroys_dad:
          My direct debits failed to go through after I cancelled the card- I've got a NAB Visa card.

  • edgar28 on 14/09/2016 - 09:42

    So should all of us that buy from DDS get new credit card?
    did you saved your cards detail in it?

    if it is from DDS they should inform their users……

    • ronnknee on 14/09/2016 - 09:46

      If you want to take safety measures then yes you should replace the credit card.

      I think an important piece of information required is which period our purchases were made then we can determine roughly when the credit card details were compromised (if not since beginning of time).

      • edgar28 on 14/09/2016 - 11:59

        Thank you for your reply. Could you please put in a poll?

        with date on the on special and date outside the special?

  • cristobaljames on 14/09/2016 - 10:01

    Bankwest put a hold on my card immediately after a $0 transaction (card check) was done from a supposed film company located in the USA.

    Obviously I had to wait for a replacement card which was a pain in the @ss due to this happening on a Friday.

    All that drama over a $1 pack of bog rolls :(

  • Turd on 14/09/2016 - 10:19

    Same I got the same thing! $0 check on card from: E Grosse Tete US on 07/09/2016.

    Pain in the arse now to get a new cc and new number.

  • LLdreamer on 14/09/2016 - 11:11

    I can confirm the same card for purchase for the $0.99 Kleenex deal have unauthorised transactions from the UK. Went in my Bankwest account to check after seeing all the comments here. All under $10, 4 debits 2 credits, happened this month. I'm still out by $14.75.

    • LLdreamer on 14/09/2016 - 14:15

      My Bankwest account is mostly used for BPay and interbank transfers and ATM withdrawals. Don't use their debit card much as I mostly use my other 2 cards. Discount Drug Stores debited on 1 Aug, first unauthorised payment happened on 5 Sep, in between I only used this card once at Nando's on 9 Aug.

  • nickj on 14/09/2016 - 11:43
    +1

    Reading this post, I am so glad I didn't get the toilet paper for $1, and instead got 2 packs of deodorant for $0, hence no need to supply credit card details. Getting a credit card replaced for fraud is a stressful waste of time, and sometimes happens at the worst times (partner had it happen right before we were travelling overseas, when she needed the credit card the most). Hope everyone gets this sorted out quickly. And if there's mass fraud identified from a single online store, why don't VISA / MasterCard proactively insist on replacing all the cards used at that store?

  • edgar28 on 14/09/2016 - 13:03

    Anyone has any luck got a reply from DDS yet?

  • bugman on 14/09/2016 - 13:09
    +3

    This site also holds Medicare details as well …..if you have entered them.

    So that is big concern for identity theft

  • andyken on 14/09/2016 - 13:57
    +2

    this is their response on facebook:

    Thank you for making contact with us in regards to your concerns with our website security. Our customers shopping security is extremely important to us, we are in contact with our website developers and will be in touch with you shortly.

    Once again, thank you very much for taking the time to let us know of your concern. We really appreciate our customer feedback on all matters, especially when it concerns such sensitive topics.

    Many thanks,
    The Discount Drug Stores Team

  • XeSSiV on 14/09/2016 - 14:29

    Just putting in my two cents. I didn't order anything recently from them. My last (and first) order with them was over a year ago. I haven't had any fraudulent charges on my card as of yet. Should I cancel the card or should I report this to my card company or should I wait and see what happens? Sounds like it was only freshly made orders and card numbers that got affected. Anyone else in a similar situation to me?

    • andyken on 14/09/2016 - 16:21

      My last order with them on may 2015, and right now, i request to change my card. better safe than sorry

    • c64 on 14/09/2016 - 18:11

      i'm also facing the same conundrum. my last online purchase from discount drugs was in dec 2015. i have a visa debit card to use exclusively for australian online purchases. it always has a nil balance unless i'm about to use. i don't think i have any unauthorised transactions.

    • Maverick-au on 15/09/2016 - 13:11

      Just putting in my two cents. I didn't order anything recently from them. My last (and first) order with them was over a year ago. I haven't had any fraudulent charges on my card as of yet. Should I cancel the card or should I report this to my card company or should I wait and see what happens? Sounds like it was only freshly made orders and card numbers that got affected. Anyone else in a similar situation to me?

      Contact them and demand that they tell you if your card was compromised. It's likely that all cards used for a long period have been compromised.

  • neil on 14/09/2016 - 17:26
    +5

    Discount Drug Stores responded:

    Please be advised Discount Drug Stores recently detected a threat on our website from a third party, aimed at extracting credit card information from some of our customers. We immediately shut down this threat, however we suspect some customers’ credit card details may have been compromised.

    No other personal information (e.g. names, addresses, passwords, health records, transaction history) was obtained. Discount Drug Stores systems are fully compliant to all PCI Data Security Standards. We have contacted the Australian Federal Police and are in the process of personally contacting customers who were potentially affected.

    We recommend customers check their next credit or debit card statement, and if you have any concerns that a fraudulent purchase may have been made, please contact your bank or financial institution.

    Please do not hesitate to contact us direct if you have any additional questions, [email protected]

    • ronnknee on 14/09/2016 - 17:34

      Yea I just saw. Good that they're admitting to it.

      • edgar28 on 15/09/2016 - 00:13
        +1

        But they didn't admit when they fix it……..and how long they being compromised!

        • ronnknee on 15/09/2016 - 09:35

          Based on the next comment, it seems like at least the past year's worth of data was stolen.

    • T-man on 15/09/2016 - 05:40
      +2

      So funny when they said that their website is fully compliant to PCI Data Security Standards. It looks dodgy and has some urly security logos at the footer.

    • ucd12345 on 15/09/2016 - 10:58

      Very interesting that they feel comfortable to make that statement given that:

      "According to PCI DSS, the Primary Account Number (PAN) can be stored after a transaction but it must be made illegible by using techniques such as encryption, truncation or hashing. If the PAN stores the cardholder name, expiration date and service code, additional efforts to protect the data should be adopted" — PCI Compliance Guide

      If the primary account number were properly encrypted, truncated or hashed and stored separately from cardholder name and expiration date, then how is it possible that these details were used for fraudulent transactions?

      Also, they are abusing the term "threat" in an attempt to avoid embarrassment. Their systems had a vulnerability which was exploited in an attack, leading to a data breach. They need to take full responsibility for failing to prevent this.

  • clarebear on 14/09/2016 - 17:29

    Oh wow!! I needed an item urgently nearly a year ago maybe 10months or so ago i'm not sure. I used my dads card and ordered online and went to pick it up, A few days later the card was locked by the bank as it was (fraud) used overseas. 😓

    So its been happening for a while by the looks!

    • ronnknee on 14/09/2016 - 17:35

      Wow, no way. A year ago?? Yikes, that means everyone here who made a partial purchase would've been affected!

    • Maverick-au on 15/09/2016 - 13:10
      -3

      Oh wow!! I needed an item urgently nearly a year ago maybe 10months or so ago i'm not sure. I used my dads card and ordered online and went to pick it up, A few days later the card was locked by the bank as it was (fraud) used overseas. 😓

      So its been happening for a while by the looks!

      I doubt it, there are no reports of anyone else suffering a loss that far back and the credit card companies would have traced it back to DDS well before now if this was the case.

  • Fake News on 14/09/2016 - 22:01
    +1

    My partner and I had our card numbers used overseas as well- we bought the $0.99 toilet paper with our Visa cards on 29/08

    His was used for $1166 AUS for 'Beds Online' in Florida on 05/09- but was charged in Canadian dollars???
    So we cancelled his card, changed all the direct debits, then mine was used for $111 AUS to Europcar in the UK 07/09… wasted a couple of hours changing them all AGAIN :(

    I can't believe Discount Drug Stores hadn't even bothered to contact customers before they put that post on Facebook. Pathetic customer service!

    • SnoozeAndLose on 15/09/2016 - 07:09

      Which post?

      • Turd on 15/09/2016 - 07:44

        The OP is updated

    • carlJack on 15/09/2016 - 12:32

      same thing here. bedsonline orlando Florida for 1800$ charged in canadian Dollar. Its suppose to be some kind of travel website. Looks completely dodgy.Noticed it only yestrday. Date of transaction was 6/9.

  • T-man on 15/09/2016 - 05:35
    +5

    If they don't offer PayPal, I won't buy anything on their website.

    • Turd on 15/09/2016 - 09:21
      -1

      Remember many years ago people where saying PayPal were scams etc etc? What happened? People trust them now? How things have changed.

    • nickj on 15/09/2016 - 11:00

      Yeah, I've come to feel that credit card is acceptable for online use for large services where you are a repeat customer, and returns are unlikely or their service is known to be good (e.g. teleco when on monthly service plan, amazon, Google, gas/electricity company, netflix), but that PayPal should be mandatory when buying online with a small/medium company, or a one-off purchase, or where returns & warranty are a concern.

      DDS' online store would fall into the second category, i.e. small/medium company + one-off purchase.

      • Maverick-au on 15/09/2016 - 12:58
        +1

        but that PayPal should be mandatory when buying online with a small/medium company, or a one-off purchase, or where returns & warranty are a concern.

        Why? Maybe everyone should have to buy Ford as well. Why should people have to use a service like PayPal when it has plenty of it's own issues. Maybe credit card providers should allow you to generate temporary cards but people won't do this as they're lazy and the same problem with PayPal exists where people are lazy with their email and PayPal passwords so it's easy to be a victim of fraud there.

        Maybe companies that offer to take credit cards online should have to be responsible and properly secure the data, if this is done there is no risk but there are too many lazy companies that see security as an unnecessary cost. Combined with weak laws in Australia that don't require notification nor any penalties and this is why more and more cases of stolen cards are occurring.

        Yeah, I've come to feel that credit card is acceptable for online use for large services where you are a repeat customer, and returns are unlikely or their service is known to be good (e.g. teleco when on monthly service plan, amazon, Google, gas/electricity company, netflix)

        Really? Like Target that lost 40 million credit card numbers? Neiman Marcus where 350,000 to 1.1 million credit card numbers went walkabout? Sally Beauty with around 280,000 lost? Michaels who lost 2.6 million card details? Home Depot with 56 million cards lost? TJX who lost between 45.6 and 90 million credit card details?

        All of these were major companies which according to you are safe as houses! It doesn't matter how "good" their service is or how big they are because if they don't treat security seriously they will be hacked.

        • nickj on 15/09/2016 - 14:30
          +2

          Yes PayPal definitely has issues, but if you're only buying and are backing it only with credit cards, not bank accounts, then it gives you a second line of defence + never releases your credit card details. I agree it has problems, such as high fees to withdraw/send, and problems with seller's accounts being locked, but as at this moment seems to be the best widespread solution available for consumers.

          And I would like there to be competition to PayPal (i.e. more choice that just a Ford Model T in black), and even signed up VISA checkout / V.me, but they've crippled that since and say they may disclose your credit card details directly to the merchant, which completely defeats the point of such a service IMHO. And bitcoin I guess is the only other payment alternative of note, but it's effectively a whole new currency that seems to be subject to large exchange-rate fluctuations, plus it's not widely accepted, so it's not much of a real-world solution now either.

          And yes, we should be able to make one-time-use credit card details, + separate reusable per-site details for each recurring transaction, the current situation of knowing CC number + expiry + CVC -> enough to commit repeated fraud anywhere in the world + whole physical card & all recurring transactions must change at card-holder’s inconvenience == completely ridiculous.

          And I agree the companies should have to be secure, and I think they should be legally liable for all costs incurred and time lost if they are not. Because if that were the case they would be deeply reluctant to even take that information in the first place, and would outsource it to experts with technical safeguards + insurance against theft, which is as it should be.

          And yes, big companies have been hacked. I'm not defending them because it is simply indefensible. But if you want to live in the modern world, where Google / amazon / etc refuse to take PayPal or similar, then you really only have the option of not using them, or using your credit card and trying to minimize the risk by only using the companies who have not had any fraud YET. I suppose it's the typical security vs convenience trade-off.

          Imagine if someone in the original DDS $1 toilet paper thread had said "I'm not shopping here because they might get hacked at some time in the future", then we as a community would probably have mocked them, saying "go back under your rock, and put your tinfoil hat back on". But they would have been right! So it's basically impossible to know ahead of time how secure something is. So I agree with everything you're saying, but I don't know what the logical actionable response as a consumer is, other than be exceedingly careful about who you give your credit details to, especially online.

        • Amour on 15/09/2016 - 20:52

          @nickj: I've had issues with a bank account linked to Paypal. It was an old account with no money kept long-term that I only used for Paypal and transferred money as needed. My Paypal got hacked and they tried to make four withdrawals from the account, which had no money in it at that time. I got stung with 4 x $75 overdrawn fees by Comm Bank= $300 in bank fees. I then got on a very long merry-go-round of Paypal blaming Comm Bank, then Comm Bank blaming Paypal, and then back again. After several hours someone at Comm Bank offered to waive half the fees. After even more hours on the phone someone at Comm Bank waived them all. Never again will I link a bank account to Paypal.

  • Turd on 15/09/2016 - 07:44
    +5

    This is so bad from Discount Drug Store. I won't buy from them ever again

  • T-man on 15/09/2016 - 09:40

    What about their physical stores? Do they save our credit cards details when we swap or tap the terminal?

    • LLdreamer on 15/09/2016 - 09:55

      I want to know the answer too. Made an in-store purchase last month. My Bankwest card has to be replaced, now hoping the other card used in-store was not compromised.

      • T-man on 15/09/2016 - 09:59

        yah that's scary, DDS is one of the small businesses on the Amex Shop Small map, I am going to use my Amex cards there tomorrow.

    • ronnknee on 15/09/2016 - 10:33
      +2

      For now, there hasn't been any recount on cards being compromised from in-store purchases so I guess it's safe to assume that only cards used online were compromised.

      Also from memory, the card terminals run on a system/network independent of the merchant meaning that even the merchants can't see your card details (just the last 4 digits). Correct me if I'm wrong.

      • bugman on 15/09/2016 - 10:48
        +1

        Correct only way that it could be compromised was if the terminal used in store had been tampered with.

  • relicsinner on 15/09/2016 - 11:10

    Same here thing happened to me, 1K+ of fraudulent transactions on my WP card used to book accommodation in Melbourne.

    I just got the notification today and have requested for DDS to remove my account from their database while I change up the my account details. It is totally not worth the hassle.

  • carlJack on 15/09/2016 - 12:29

    Happened to me as well. 1800$ in Orlando florida. Getting my money back from Citibank. Received the email from discount drug store. Last time it happened when i shopped few T shirts from Macpac.com.au

  • Maverick-au on 15/09/2016 - 12:52
    +3

    My bankwest credit card was compromised as well, multiple overseas transactions that were blocked and a new card sent.

    Huge hassle as this is the card I use for all my overseas transactions and have many services billed through it like web hosting, domain name renewals etc. Had to purchase some high value items using another card that cost me extra money.

    Telstra prepaid billing details had to be updated so I had to renew early also costing me money. All up I'll be out probably five hours to time in updating details and stuffing around plus around $50 in currency exchange costs and early renewal of prepaid mobile.

    It's about time that there were massive penalties for these companies including being responsible for covering all the costs of the victims.

    Their ridiculous claims that they meet all the PCI standards and encrypted the data is just absolute rubbish and because of the laws in Australia we will never know how useless DDS are.

    • sschen on 15/09/2016 - 15:27
      +2

      I am in total agreement with this post. I have at least half a dozen direct debit setup against my credit card. My credit card is NOT even 6 months old! Once I receive the new card, I will have to spend hours doing them all again.

      If anyone knows of a complaint line or government division that I can call to lodge a complaint against this business, I certainly would love to know about it so I can file a formal complaint.

      There definitely need to be major penalties imposed on businesses who aren't securing their online website properly!

      • Maverick-au on 15/09/2016 - 16:29
        +3

        Once I receive the new card, I will have to spend hours doing them all again.

        I think retailers should have to pay
        * $100 to each customer who has had their card details compromised
        * Any costs incurred as a result of their credit card being unavailable such as missed tickets or penalties
        * Responsibility for any charges not covered by the credit card provider and any interest etc.

        If other details are compromised like date of birth, addresses etc the penalties ramp up substantially and penalties include providing credit monitoring services.

  • bamzero on 15/09/2016 - 13:02

    So has anyone with a compromised card been contacted by DDS yet?

    • Turd on 15/09/2016 - 13:06

      Yes, they sent an email this morning.

      Dear valued customer,

      Unauthorised Data Access
      Discount Drug Stores has detected a threat on our website from a third party, aimed at extracting credit card information from some of our customers. We immediately shut down this threat, however we suspect some customers’ credit card details may have been compromised.

      No other personal information (e.g. names, addresses, passwords, health records, transaction history) was obtained.

      What does this mean for me?
      We recommend that you check your next credit or debit card statement, and if you have any concerns that a fraudulent purchase may have been made, please contact your bank or financial institution.

      We have also taken extra steps to further strengthen the security of our systems and we have reported this breach to all the relevant authorities including the Australian Federal Police, and the Office of the Australian Information Commissioner.

      Discount Drug Stores systems are fully compliant to all PCI Data Security Standards, and our website security ensures that payment information is entered on a separate page from all other customer details, with each page encrypted in a way that the information is not linked. This is an extra security step we take to further prevent identity theft and to protect customer information and transaction history.

      Please do not hesitate to contact us direct if you have any additional questions, [email protected]

      Kind regards,
      The Team at Discount Drug Stores

  • bugman on 15/09/2016 - 13:16

    "fully compliant to all PCI Data Security Standards" I'm calling BS….. if they where fully compliant this would not happen..

    Question for anyone that placed an order, on your invoice/receipt was your CC details in full? if so that's a dead give away that CC where not encrypted.

  • Master Haggler on 15/09/2016 - 13:39

    Yes I have some unauthorised transactions made on my credit card too. Most of them are made around Brisbane (I'm in Sydney) and dominos pizza

  • ckria on 15/09/2016 - 14:11

    About 10 days ago I logged in to my account and noticed there was a $0 transaction pending (from a service station in Florida) on my list. Called CBA and they said there has been an attempt to withdraw $1600 from my card but since the limit is $500 the transaction has been declined. Asked them to cancel my card and received a new one few days later.

    Now after 10 days got an email from DDS about this. Indeed companies like this should be proud of their customer service and data integrity. :(

  • tammydaoth on 15/09/2016 - 14:27

    I read this post and right after that, got the fraud $923. Contact bank and prevent that transaction at right time. New card will be replaced but when checked my last statement, $50 has been stolen :(. Contact with bank again and hope they can help. So guy, also check last month statement too ( around 18/08).

  • edgar28 on 15/09/2016 - 15:06

    so much hassle caused by DDS, and they knew it long time ago (as they fixed it before we complain about it)

    all direct debit request have to change
    replacement card might take 5-7 business days…….

    the worst is they screw up, not being transparent and never inform the customers (try to hide it)

  • sschen on 15/09/2016 - 15:10

    Just got a SMS from ANZ saying they have detected suspicious activity and blocked my card. I am pissed! I am NEVER ordering from this bunch of idiots again.

    EDIT: Just confirmed with ANZ that they are sending me a new card with completely new credit card numbers.

  • sschen on 15/09/2016 - 15:24
    +1

    Also found the following on their website. If they claim that they DO NOT keep a record our credit card details, how can our non-existent credit card details be stolen then????

    Is your site secure?
    Yes. Your confidential healthcare and credit card information is processed in a PCI-DSS secure DMZ. It is protected as prescribed by the PCI-DSS standards version 2. The transport of all data is encrypted by a SSL Thawte certificate which creates a secure https:// link between the cardholder and the payment pages. We do not keep a record of your credit card details after they are transmitted to the gateway.

    • Turd on 15/09/2016 - 15:27

      What can we do? call ACCCC?

      I hate this.. Such a pain for everyone!

      I think Chinese hackers are to blame? Like how ABS said so. Whatever happened to the ABS's report, that the top minister said?

      • sschen on 15/09/2016 - 15:30

        If they would deal with a complaint such as this, I certainly would do so. I am that angry at the moment.

  • FOX on 15/09/2016 - 15:54

    $1,408.17 worth of stuff purchased from Bedsonline.com in the US on September 5th, together with a $42.25 international transaction fee! Just called my bank to have the card cancelled and they'll send me form to fill out so they can work towards getting me a refund… this is really badass >_< Luckily I've only used this one card with Discount Drug Store so don't have to call multiple card companies.

  • tdw on 15/09/2016 - 16:46
    +1

    last time i bought anything from them was mid-2015. used a visa debit card. no unusual activity that i know of yet. there's only a few dollars balance on there

  • WaveZero on 15/09/2016 - 17:11
    +2

    Yep, same thing happened to me! I just joined OzBargain due to this issue and I also wanted to express my anger online (lol). I was a long time lurker, I guess this issue has finally gave me a legit reason to join.

    Anyhow, I didn't lose anything at all, but my card got cancelled and took about 2 business days before I got a new one. I was left without a card to use over the weekends and Monday. Was tough using cash when you need to go to the bank to get your money.

    Like most people would agree, that $5 dollar sign up bonus was not worth the hassle, time and stress most of us had to go through. I hope everyone who was really affected by this, can get their issue resolved fast and easy. Since I'm sure we all want to move on with our lives and not worry about mundane things such as this.

    All the best!

    • tdw on 15/09/2016 - 17:31
      +2

      i only used my $5 for that $4.99 quilton 10 pack. my cheapness saved me in this instance ;)

    • R3XNebular on 15/09/2016 - 17:42

      I was in the same situation. Wanted to buy food but couldn't… was fuming but couldn't figure out where my card was compromised. I was thinking of a card skimming device somewhere that I didnt see.

      • WaveZero on 15/09/2016 - 18:41

        Yeah, I was very confused as well on how my card details got leaked. I'm usually very careful with these sort of matters, so I actually narrowed it down to this store and places where I used it outside. Though I never had issues with card skimming or stuff like that in the past, so I was very skeptical that it was local stores I visted in the past weeks.

  • R3XNebular on 15/09/2016 - 17:42

    Does anyone recall whether their checkout actually had SSL?

    • ronnknee on 15/09/2016 - 20:10

      How can you tell if it does or not?

      • Maverick-au on 16/09/2016 - 21:35
        -2

        How can you tell if it does or not?

        If you don't know you shouldn't purchase anything online.

    • Maverick-au on 16/09/2016 - 21:18
      -3

      Does anyone recall whether their checkout actually had SSL?

      What does that have to do with what happened?

      And yes it does.

      • realfancyman on 16/09/2016 - 21:45

        It's got a little lock in the address bar and it says https instead of the regular http

        • Maverick-au on 16/09/2016 - 22:30
          -2

          It's got a little lock in the address bar and it says https instead of the regular http

          Which has nothing to do with the security of the web server, all it does is show that you data is encrypted between your browser and their web server.

  • Bullion78 on 15/09/2016 - 22:05

    Had credit cards for20 years and never had one solitary purchase that needed disputing..touchwood

    • Master Haggler on 16/09/2016 - 07:49

      Same here. Citibank have already credited back my unauthorised transactions.

  • bugman on 15/09/2016 - 23:17

    Well looks like DDS is giving everyone the shits, lucky you purchased something for that :)

  • abc xyz on 16/09/2016 - 11:56

    I also had fraud on my c/c few years back.
    Transaction was $1000 on online betting.
    I rarely used the card though.

    I reported straightaway (3d after the transaction date), and since it was my first time, i was in "panic".
    The Rep told me it is quite common these days and we just need to be more aware of.

    Though the process takes about 1-1.5 month to complete, i still believe it reasonable.

    Since then, I monitor closely my daily transaction. Especially sometimes the description name is not match with the store name.

  • smashed on 16/09/2016 - 12:26

    I don't understand how the banks failed to pinpoint the issue source.

    If they have 100 dodgy transactions reported it would make sense to cross-reference other transactions on the cards and look for other matching charges (eg Drug Store).

    • infinite on 16/09/2016 - 14:59

      Because usually banks only act on dodgy transactions over $100 or based overseas. Also, they have customers numbering in the millions. 100 dodgy transactions is not a statistically significant number for them to be concerned about. It's hard to even pin-down exactly what is dodgy in a lot of cases too, because when it comes down to it, people buy weird shit all the time & have bizarre spending habits as it is.

      • [Deactivated] on 16/09/2016 - 15:41

        banks have a weighted system

        account holder buys 99.999% of their shit from same country and state then suddenly being spent overseas it will trigger "doggy transactions"

  • andyman1908 on 16/09/2016 - 14:31
    +1

    Was wondering why I had suspicious transactions on two of my cards early last week. Now it makes sense (made two seperate orders on two different cards). Thanks op.

  • [Deactivated] on 16/09/2016 - 18:36
    +2

    Why the hell do they store card details on their site in the first place.

  • the crocodile on 16/09/2016 - 20:16

    Confirming that my CBA master card was used for 3 fraudulent transactions over Wed and Thur totally over $4000. Rang CBA and locked the account. 1 transaction has settled and the other 2 were still pending. Hoping CBA can get the money back and the bad guys caught!

    This is scary, certainly now I will think twice before I buy from online web site.

  • [Deactivated] on 17/09/2016 - 08:44

    Does this affect those who paywaved?

    I can't remember how I paid…

    ;'-(

    • Limitless on 17/09/2016 - 09:20

      I think this impacted online purchases only

Login or Join to leave a comment
Login Join