topic Re: MY QVC CARD HACKED in Q Talk

MY QVC CARD HACKED

Buck-i-Nana — Fri, 29 Aug 2014 16:26:14 GMT

I woke up this morning and checked my e-mail while enjoying my coffee. Imagine my surprise when I had an order confirmation for over $2,000 worth of merchandise!

I immediately logged in to my account and cancelled the order for 2 watches and 4 computers that were billed to me with ship to another location. I have NEVER ever used bill to/ship to someone else ever, yet QVC apparently didn't challenge this order at all.

I called CS and spoke to a woman and explained what has happened and asked if this was what was behind the big outage the other days, she said she would have no way of knowing this. She entered my card as "stolen" into their system so a new card could be sent. I said, no, it wasn't stolen it was hacked. I keep my card locked away. She said they didn't have an option to enter it as hacked. I asked for a supervisor. I waited on hold until I was told a supervisor wasn't available but I could request a call back and would hear from them within 4 hours. I got the number for corporate (not an 800 number by the way, but I have unlimited long distance). I called corporate and asked for fraud department. Transferred, put on hold, offered voice mail, held again, then an automated message instructs I must leave a voice mail.

BE WARNED FOLKS - Keep a close eye on your account. If you don't have it set up to confirm your ordered via e-mail set it up NOW!!! If you have any other cards on your account contact your card holders and report that you suspect QVC has been hacked and to either increase surveillance on your cards, or have them cancelled and new account numbers issued.

The nightmare begins.

Re: MY QVC CARD HACKED

chickenbutt — Fri, 29 Aug 2014 16:45:51 GMT

It's an awful feeling!

Another bad thing about it is that, even though they HAVE the address associated with the thief, they won't pursue anything and that person, or persons, will just move on and steal from somebody else. They'll keep doing it because they know two things - 1) sometimes they will actually pull it off; and 2) Nobody will pursue them and put their butt in jail, where they belong, so they can just keep on keepin' on.

I've had hacks on cards a few times over the years and this is the part that irks me the most. More than one financial institution has told me that it's just not cost-effective to pursue the thieves so they just write it off and the thief, even if they DID end up with the merchandise or money, gets away with it and can keep on doing it to others.

Re: MY QVC CARD HACKED

Buck-i-Nana — Fri, 29 Aug 2014 16:49:45 GMT

On 8/29/2014 chickenbutt said:
It's an awful feeling!

Another bad thing about it is that, even though they HAVE the address associated with the thief, they won't pursue anything and that person, or persons, will just move on and steal from somebody else. They'll keep doing it because they know two things - 1) sometimes they will actually pull it off; and 2) Nobody will pursue them and put their butt in jail, where they belong, so they can just keep on keepin' on.

I've had hacks on cards a few times over the years and this is the part that irks me the most. More than one financial institution has told me that it's just not cost-effective to pursue the thieves so they just write it off and the thief, even if they DID end up with the merchandise or money, gets away with it and can keep on doing it to others.

Wow, that really is insane!

I talked with my banker right after talking with the Q. My bank DOES pursue credit card fraud vigorously.

Re: MY QVC CARD HACKED

Tinkrbl44 — Fri, 29 Aug 2014 16:54:02 GMT

Sheesh ...... WHY is QVC so nonchalant about this?

Re: MY QVC CARD HACKED

chickenbutt — Fri, 29 Aug 2014 16:57:49 GMT

On 8/29/2014 Buck-i-Nana said:
On 8/29/2014 chickenbutt said:
It's an awful feeling!

Another bad thing about it is that, even though they HAVE the address associated with the thief, they won't pursue anything and that person, or persons, will just move on and steal from somebody else. They'll keep doing it because they know two things - 1) sometimes they will actually pull it off; and 2) Nobody will pursue them and put their butt in jail, where they belong, so they can just keep on keepin' on.

I've had hacks on cards a few times over the years and this is the part that irks me the most. More than one financial institution has told me that it's just not cost-effective to pursue the thieves so they just write it off and the thief, even if they DID end up with the merchandise or money, gets away with it and can keep on doing it to others.

Wow, that really is insane!

I talked with my banker right after talking with the Q. My bank DOES pursue credit card fraud vigorously.

Oh, that's awesome! I'm very glad to hear that all banks don't just write it off and ignore it. That was just upset on top of upset when I learned that. I tend to ask questions and that's how I learned from a few that they just let it go and write it off. I found that to be offensive.

Re: MY QVC CARD HACKED

mercyMe — Fri, 29 Aug 2014 18:03:25 GMT

Buck,

Was this your Q CARD or another card?

THANK YOU for warning us ... and I am sorry to hear about your dilemma. I never registered my Q card yet (recently received but did not use). This is why I might resort back to paying with a check.

Re: MY QVC CARD HACKED

millieshops — Fri, 29 Aug 2014 23:29:04 GMT

I check my credit cards almost every day. Thanks to this thread, I just checked the card I use for my Q purchases. It's fine, but if they actually were subject to a huge hacking, thieves could be into anyone's cards.

Two questions: Did you recognize the address the merchandise was sent to? Was it in the US?

So many hackers aren't even located in the US. That's one of the reasons companies don't go after them. Governments in Russia or Nigeria or wherever don't much care to help - never have and the cynic in me says they never will!

Re: MY QVC CARD HACKED

Buck-i-Nana — Sat, 30 Aug 2014 00:19:21 GMT

On 8/29/2014 mercyMe said:
Buck,

Was this your Q CARD or another card?

THANK YOU for warning us ... and I am sorry to hear about your dilemma. I never registered my Q card yet (recently received but did not use). This is why I might resort back to paying with a check.

Yes, it was my Q card.

The QVC finance woman I talked to claimed that it was my QVC account itself that was fraudulently accessed and that all my financial data is safe. Hmmm, why am I not believing that?

She had me change my QVC account password and they have my account flagged so any changes or orders being shipped to a different address will be challenged. Still, not feeling secure. It really bothers me how blase QVC is about their e-commerce and this website. I have no reason to believe anything is secure. When I challenged her regarding the site being down for so long the other day, she said it was because they were updating "outlook"....well, outlook is an intranet corporate e-mail system and shouldn't have anything to do with the e-commerce site. Now, if she'd said exchange server update, I'm maybe almost would have believed her.

Re: MY QVC CARD HACKED

Buck-i-Nana — Sat, 30 Aug 2014 00:21:34 GMT

On 8/29/2014 millieshops said:
I check my credit cards almost every day. Thanks to this thread, I just checked the card I use for my Q purchases. It's fine, but if they actually were subject to a huge hacking, thieves could be into anyone's cards.

Two questions: Did you recognize the address the merchandise was sent to? Was it in the US?

So many hackers aren't even located in the US. That's one of the reasons companies don't go after them. Governments in Russia or Nigeria or wherever don't much care to help - never have and the cynic in me says they never will!

I had never seen the address it was being shipped to, nor did I recognize the name of the addressee. Given the high value of the items (4 laptop computers) I would have thought they would have to be signed for, but who knows with QVC anymore.

The order was being shipped to Oviedo FL.

Re: MY QVC CARD HACKED

Tinkrbl44 — Sat, 30 Aug 2014 00:33:43 GMT

On 8/29/2014 Buck-i-Nana said:
On 8/29/2014 mercyMe said:
Buck,

Was this your Q CARD or another card?

THANK YOU for warning us ... and I am sorry to hear about your dilemma. I never registered my Q card yet (recently received but did not use). This is why I might resort back to paying with a check.

Yes, it was my Q card.

The QVC finance woman I talked to claimed that it was my QVC account itself that was fraudulently accessed and that all my financial data is safe. Hmmm, why am I not believing that?

She had me change my QVC account password and they have my account flagged so any changes or orders being shipped to a different address will be challenged. Still, not feeling secure. It really bothers me how blase QVC is about their e-commerce and this website. I have no reason to believe anything is secure. When I challenged her regarding the site being down for so long the other day, she said it was because they were updating "outlook"....well, outlook is an intranet corporate e-mail system and shouldn't have anything to do with the e-commerce site. Now, if she'd said exchange server update, I'm maybe almost would have believed her.

QVC had a website problem the other day ...... I don't know how just ONE customer's Q card could be hacked ..... maybe QVC has been totally hacked and MANY of us have had account information stolen!

Are there any computer geek geniuses here that could tell me if that's even possible .... only ONE Q card gets hacked?

Re: MY QVC CARD HACKED

Zita — Sat, 30 Aug 2014 00:58:16 GMT

Whenever I buy an item from Amazon to be shipped to another person, they make me verify the number of the credit card I use, and if it's a different one I have to fill out online all the usual information.

I am happy to do this because it means they are on top of things.

In fairness to the Q, I always receive a confirmation email from them whenever I order something from them, so I would catch it right away if my card were hacked.

Re: MY QVC CARD HACKED

Spurt — Sat, 30 Aug 2014 02:31:30 GMT

You have to be diligent these days on ALL your cards....one of my cards got hacked and it was on Amazon so be careful of their 3rd party vendors it's not just QVC.....

Re: MY QVC CARD HACKED

Angelbear — Sat, 30 Aug 2014 06:01:27 GMT

So, let me get this straight. They are admitting they had a security breach and people got into accounts here? To me, that's something that should be reported to authorities, like the Target breach last year. I got snagged on that one and got a new debit card from my bank, just in case. No one had tried to use my card number though.

If QVC had a breach, which is what it is, not really a "hack" but something really worse, they should notify all their customers, as Target did.

Re: MY QVC CARD HACKED

upshatesme — Sat, 30 Aug 2014 06:01:35 GMT

On 8/29/2014 Tinkrbl44 said:
Sheesh ...... WHY is QVC so nonchalant about this?

maybe it was an employee of the q

Re: MY QVC CARD HACKED

Angelbear — Sat, 30 Aug 2014 06:09:17 GMT

You would really think that sending four computers to one place would trigger something or other. When I order oddly, out of my usual spending habits, my CCs call me to verify it, especially when I order or buy on vacation or am having it sent somewhere. I'd say a Ship To/Bill To for four computers would trigger some sort of verification.

Re: MY QVC CARD HACKED

Buck-i-Nana — Sat, 30 Aug 2014 18:42:43 GMT

On 8/29/2014 Angelbear said:
You would really think that sending four computers to one place would trigger something or other. When I order oddly, out of my usual spending habits, my CCs call me to verify it, especially when I order or buy on vacation or am having it sent somewhere. I'd say a Ship To/Bill To for four computers would trigger some sort of verification.

Same here. My bank is really aggressive about monitoring their credit card purchases.

As someone else said, it's really doubtful that just one account was accessed. Whether it was their entire system compromised or just individual accounts, QVC is targeted. They seem proud of themselves for implementing passwords over 4 digit PINS for access, and yet they only allow alpha-numeric, no special characters. Why on earth implement a less than current technology and recommendations for passwords? Passwords should require Upper case, lower case, numeric AND SPECIAL CHARACTERS.

I've been a QVC customer since day one, but now I have serious doubts about their services and their priorities of protecting their customers. The QVC finance person I talked to seemed to not care if I ever bought from QVC again.

Re: MY QVC CARD HACKED

SHOPR — Sat, 30 Aug 2014 20:47:35 GMT

I'm sorry this happened to you and am very concerned, as we all should be.

I apologize if I misunderstood what seems to have taken place. It seems to me that they definitely got into your qvc.com purchasing account, and not just your Q card information, wherever it is stored out there. From re-reading reply #7, it sounds like the finance lady knows it, too. I'm sure your password was not any less secure than any of ours, considering that we don't have much to choose from when picking a password (no special characters, etc.) and this is a big deal.

Thank you for the heads up on this matter. I will be diligently checking both my qvc account and my major CC account. I do not have a Q card.

Re: MY QVC CARD HACKED

stevieb — Sat, 30 Aug 2014 20:56:35 GMT

On 8/30/2014 Buck-i-Nana said:
On 8/29/2014 Angelbear said:
You would really think that sending four computers to one place would trigger something or other. When I order oddly, out of my usual spending habits, my CCs call me to verify it, especially when I order or buy on vacation or am having it sent somewhere. I'd say a Ship To/Bill To for four computers would trigger some sort of verification.

Same here. My bank is really aggressive about monitoring their credit card purchases.

As someone else said, it's really doubtful that just one account was accessed. Whether it was their entire system compromised or just individual accounts, QVC is targeted. They seem proud of themselves for implementing passwords over 4 digit PINS for access, and yet they only allow alpha-numeric, no special characters. Why on earth implement a less than current technology and recommendations for passwords? Passwords should require Upper case, lower case, numeric AND SPECIAL CHARACTERS.

I've been a QVC customer since day one, but now I have serious doubts about their services and their priorities of protecting their customers. The QVC finance person I talked to seemed to not care if I ever bought from QVC again.

Sadly, that sort of seeming arrogance seems pervasive here. I've almost always found most of the CS folks to be appreciative and at least trying to be helpful, but my few contacts with "corporate" have tended to be less so. The overall corporate tone seems to be one that thinks customers are easily replaced or are otherwise expendable and that all those 'new' customers they're always crowing about will be returning to the trough over and over... And frankly, I'm also with you on that 'update to Outlook' explanation for the website crash. I can't quite figure out what their email functionality had to do with it...

Re: MY QVC CARD HACKED

hopeQ1 — Mon, 01 Sep 2014 08:53:13 GMT

What happened to QVC putting their customers first, and protecting their privacy, ID's , protecting their accounts, and making sure they feel safe using their accounts and website? This isn't the first time this year it has been hacked.

Therefore, I believe they must tighten all of their security methods, regardless of the cost.

Otherwise, they may loose credit cards purchasers, like me.

Re: MY QVC CARD HACKED

QVCrocks! — Tue, 02 Sep 2014 16:19:14 GMT

This same thing happened to me yesterday. I DO have the address in Oviedo, FL, where the merchandise would have been delivered. Did you file a police report? I am considering it now that I have this information that it happened to you too.