Chain Reaction Cycles Boycott Petition

Lemag

With the bad taste left here amongst many boardsies following Chain Reaction Cycles' percieved unsatisfactory response to the credit card fraud situation which recently occurred, I've created this petition where those who feel stongly enough can show their intent to boycott (or not) Chain Reaction Cycles until they have sufficiently dealth with the situation.

For those of you who are unfamiliar with this situation you can read about it here

Feel free to constructively criticise CRC's handling of this situation and perhaps express suggestions for what steps they ought to take to best deal with it.

As this is a petition the votes cast on this poll are public.

MODS - If this in anyway contravenes the rules of boards &/ this cycling forum then please delete.

macken04

I intend to keep buying from CRC if it suits me to do so

Hi Lemag,

I will support those who have not received a satisfactory resolution regarding this matter. However, I assume this thread is solely in relation to the matter outlined above and not other issues. I do find crc do be quite good aside from this obvious major failing.

Lemag

I intend to keep buying from CRC if it suits me to do so

macken04 wrote: »

Hi Lemag,

I will support those who have not received a satisfactory resolution regarding this matter. However, I assume this thread is solely in relation to the matter outlined above and not other issues. I do find crc do be quite good aside from this obvious major failing.

Cheers macken04. I'm in the same boat as you and I haven't been stung YET!!

kennyb3

I ll be boycotting them for good - i hate when companys treat customers with contempt. The non response to numerous e mails is a disgrace. I ll be shopping elsewhere personally.

TinyExplosions

I have no opinions on this matter

shit happens, sometimes details get stolen and companies handle stuff badly... does it worry me? No, as
1: I'm not out of pocket (and I don't think there's been anyone that has mentioned that they are -yes it's an inconvenience, but has anybody had to pay for a fraudulent transaction?)
2: It's the internet, sites get hacked, details stolen, that's why the credit card companies have fraud protection
3: You can pay via PayPal if you're more paranoid (but then, maybe they may get hacked one day -see point two above)

Yes, they could have done a better PR job, or maybe that would have led them to even more problems, as once you start engaging, how do you stop without cries of "They used to reply to everything, now they've just shut up and are saying nothing -it must have been them that leaked the info etc etc etc" -you can't win on the internet at all. Maybe they've got so many emails that they are going through them all and it's taking time rather than just doing a copy and paste job, who knows?

Build a bridge and get over it folks!

-I write the above as someone who's now been Credit Cardless for 3 weeks thanks to a combination of An Post and CRC, but if it's cheaper there than elsewhere I'd have no hesitation in buying from em

-besides, it's so hard keeping up with all the stuff we should boycott these days, I don't want to have to add another company to the list (fucking Nestle takes up most of my time as it is)

petethedrummer

I intend to keep buying from CRC if it suits me to do so

I'm not boycotting out of a moral outrage from the stonewalling, I just don't want my details stolen again, so I'm not sure if I can trust their site.

I see 3 scenarios from what happened to me:

1. My last transaction before the fraudulent one was with Wiggle, so it could have been their site. I will email them also.

2. My details were taken from CRC weeks ago and the thieves are only getting round to using my details now.

3. My details were taken after CRC said everything was fine but maybe its not.

It's probably scenario 2.

AstraMonti

I intend to keep buying from CRC if it suits me to do so

TinyExplosions wrote: »

shit happens, sometimes details get stolen and companies handle stuff badly... does it worry me? No, as
1: I'm not out of pocket (and I don't think there's been anyone that has mentioned that they are -yes it's an inconvenience, but has anybody had to pay for a fraudulent transaction?)
2: It's the internet, sites get hacked, details stolen, that's why the credit card companies have fraud protection
3: You can pay via PayPal if you're more paranoid (but then, maybe they may get hacked one day -see point two above)

Yes, they could have done a better PR job, or maybe that would have led them to even more problems, as once you start engaging, how do you stop without cries of "They used to reply to everything, now they've just shut up and are saying nothing -it must have been them that leaked the info etc etc etc" -you can't win on the internet at all. Maybe they've got so many emails that they are going through them all and it's taking time rather than just doing a copy and paste job, who knows?

Build a bridge and get over it folks!

-I write the above as someone who's now been Credit Cardless for 3 weeks thanks to a combination of An Post and CRC, but if it's cheaper there than elsewhere I'd have no hesitation in buying from em

-besides, it's so hard keeping up with all the stuff we should boycott these days, I don't want to have to add another company to the list (fucking Nestle takes up most of my time as it is)

I 'll have to disagree. The issue is not getting hacked, this is subject to happen at any site at any time. Problem is that CRC is trying to hide it under the carpet and this is showing lack of respect to people using their site. I would love an email "Gents and ladies, we seriously fecked up and your details have been compromised. For your own security we advise you to cancel your credit card blah blah blah". I can't see how honesty is going to cost them anything, yeah maybe their inboxes would be overrun by emails, but ok you got hacked, pay a couple of days overtime to the people to stay later and deal with the issues like a proper business.
Now what they are trying to do is "yeah we got hacked, but sssssh.. we don't have to make a big deal out of it now do we?".

penexpers

I intend to keep buying from CRC if it suits me to do so

AstraMonti wrote: »

I 'll have to disagree. The issue is not getting hacked, this is subject to happen at any site at any time. Problem is that CRC is trying to hide it under the carpet and this is showing lack of respect to people using their site. I would love an email "Gents and ladies, we seriously fecked up and your details have been compromised. For your own security we advise you to cancel your credit card blah blah blah". I can't see how honesty is going to cost them anything, yeah maybe their inboxes would be overrun by emails, but ok you got hacked, pay a couple of days overtime to the people to stay later and deal with the issues like a proper business.
Now what they are trying to do is "yeah we got hacked, but sssssh.. we don't have to make a big deal out of it now do we?".

This pretty much echoes my opinion on the matter - they really should have made a public announcement about it as early as possible. Most people would understand that credit card details can get stolen. They didn't though and now it just looks like they are trying to hide something. They won't be getting another penny off me.

penexpers

I intend to keep buying from CRC if it suits me to do so

Oh and there should be a 4th option in the poll - never shopping there again.

DirkVoodoo

I intend to keep buying from CRC if it suits me to do so

I agree with Astramonti, the issues is not one of security but of courtesy. CRC have not shown any of this to their customers, instead only worrying about damage to their image which ironically they have now done themselves through this attempted "cover-up".

I use paypal, my details were not stolen and I have in the past had a dispute successfully resolved by CRC. However, I my finger will hover over the mouse a little longer before I click "buy" and I may be tempted to purchase from other sites even if they may be a little slower.

There is a principle involved in all of this, one of treating your customers with respect.

doozerie

TinyExplosions wrote:

Yes, they could have done a better PR job, or maybe that would have led them to even more problems, as once you start engaging, how do you stop without cries of "They used to reply to everything, now they've just shut up and are saying nothing -it must have been them that leaked the info etc etc etc" -you can't win on the internet at all. Maybe they've got so many emails that they are going through them all and it's taking time rather than just doing a copy and paste job, who knows?

It think it depends on the specific issue that people have with CRC in this case. I certainly agree with you that credit card fraud happens, it really is just a fact of life and it could be argued that not having your card scammed makes you lucky rather than having it scammed making you unlucky. But it's how a retailer deals with the issue when it arises that defines their professionalism and the value they place on their customers.

Since they identified the problem CRC have done little to distinguish themselves in my view. Quite the contrary in fact, I believe that their PR job has been terrible and damaging. No responses to customer e-mails is extremely bad, much like refusing to answer your phone when you've advertised your phone number as a means of contacting you (that costs bricks and mortar stores a lot of goodwill and ultimately business), but they've also provided no details/dates to help customers figure out for themselves whether their card might have been used during the "dodgy" period and that is inexcusable as far as I am concerned. It shows no respect at all for customers. It is hard enough for a business to earn respect from customers in an era where people can just as easily shop at some other online shop on the basis of price/trust/whim/etc., to throw away any respect that you may have built up over time is just bizarre and I can't fathom why CRC seem to be continuing to just hope that this whole thing will blow over.

I don't believe that this incident will cause CRC anything more than a brief dip in sales though, if that even, I think that many people will continue to buy from them if the price is good. However it does give their competitors an opportunity to claw back some customers at least, all they need is to have prices which are reasonably close to those of CRC and the ill will amongst disgruntled CRC customers will be enough to convince some of them to buy from somewhere other than CRC even if it means paying a little more.

So, to my mind the question of whether CRC's systems are secure doesn't arise as I'd never use anything other than Paypal if buying from them again. For me it's really a matter of whether the quality of service from CRC is adequate, and on the basis of this incident it certainly isn't. But having said all of that I too will probably buy from them again if they have something I can't get elsewhere or if their price is significantly cheaper, but while they might have been the first site I'd consider in the past they no longer are now.

alphabeat

for those of you who think that a hack / loss of CC details is just an inconvenience

if sites like this are not boycotted, then standards will drop and they will all be doing it - eventually ID theft will be come rife , and we will all be in much deeper sh1t.

customers should have NO tolerance of internet site fraud , it should be treated with extreme backlash , given its easy to use / not local format.

would you go back to a shop in town that had staff stealing credit card details regularly ?

the site needs to be taught a lesson.

blorg

Being hacked is forgivable, their handling of it is not.

Hail 2 Da Thief

I intend to keep buying from CRC if it suits me to do so

Their failure to inform ALL customers of this issue is unacceptable imo.
There's plenty of other competitve companies out there that are more than happy to accept my custom. I have & will continue to shop elsewhere!

TinyExplosions

I have no opinions on this matter

alphabeat wrote: »

for those of you who think that a hack / loss of CC details is just an inconvenience

if sites like this are not boycotted, then standards will drop and they will all be doing it - eventually ID theft will be come rife , and we will all be in much deeper sh1t.

customers should have NO tolerance of internet site fraud , it should be treated with extreme backlash , given its easy to use / not local format.

would you go back to a shop in town that had staff stealing credit card details regularly ?

the site needs to be taught a lesson.

Not even remotely true. The standards for security and payment etc are ones driven by the Credit Card companies (who ultimately foot the bill in cases of fraud, or at least their insurance companies do) and it's fair to say that they have more clout with an internet site than some disgruntled customers.

As for your shop comment, it's a fairer analogy to ask "would you go back into a shop that had a break in and an undetermined number of Credit Card details stolen" and the answer is the same as my view with CRC, yes I would.

I still feel that they handled it badly, but that they are/were also between a rock and a hard place which may have informed their choices in the matter, and it'll not put me off spending money there

Lemag

I intend to keep buying from CRC if it suits me to do so

TinyExplosions wrote: »

Not even remotely true. The standards for security and payment etc are ones driven by the Credit Card companies (who ultimately foot the bill in cases of fraud, or at least their insurance companies do) and it's fair to say that they have more clout with an internet site than some disgruntled customers.

As for your shop comment, it's a fairer analogy to ask "would you go back into a shop that had a break in and an undetermined number of Credit Card details stolen" and the answer is the same as my view with CRC, yes I would.

I still feel that they handled it badly, but that they are/were also between a rock and a hard place which may have informed their choices in the matter, and it'll not put me off spending money there

This is somewhat slightly over the top scare mongering by alphabeat however CRC have STILL not alerted their customers. There might be those out there who don't use internet forums and whose usual creditcard activity might not differ much from the kind of fraudulent activity which has been taking place. In such cases these fraudulent transactions won't seem to be irregular and no flags will be raised leaving the customer to foot the bill. As well as sending out an email to all of their customers they should make the situation known to new and repeat visitors of their site with explicit informative notices on their homepage.

How else can the consumer seek satisfaction from CRC regarding this matter other than to boycott them?

Canis Lupus

I wasn't stung although I did switch to Wiggle in the short term (I expect I'll go back to whoever gives the better deal at the time).

Having said that, I really do feel the company failed in regards to communication over this matter.

Undercover Elephant

I have no opinions on this matter

Lemag wrote: »

As well as sending out an email to all of their customers they should make the situation known to new and repeat visitors of their site with explicit informative notices on their homepage.

Would you do this in your own business?

TinyExplosions

I have no opinions on this matter

As a matter of interest, when should everyone put the pitchforks down and go back to shopping there, or is this a permanent thing?

Biopace

I have no opinions on this matter

I will go back to CRC, yes they messed up on the communication side, but service and stock wise they have always been excellent, that said this card fiasco has prompted me to shop around and it has opened my eyes as to what deals there are out there beyond CRC.:)

AstraMonti

I intend to keep buying from CRC if it suits me to do so

Undercover Elephant wrote: »

Would you do this in your own business?

If you respect your customers yes you do.

Lemag

I intend to keep buying from CRC if it suits me to do so

Undercover Elephant wrote: »

Would you do this in your own business?

Yes. To not do so could be more harmful to the business in the short/long term.

A business can operate whatever it wants to within the confines of the law in order to maximise its profits(or outside the law if they are an Irish bank:rolleyes:). The consumer, if unhappy with the behaviour of a particular business, is within their right to choose not to give them their custom and to ask others to not do so also. If the request is unreasonable then they are unlikely to receive much support from other consumers.

TinyExplosions wrote: »

As a matter of interest, when should everyone put the pitchforks down and go back to shopping there, or is this a permanent thing?

Read the first option in the petition. Whatever about CRC's future behavour, if another company, say Wiggle, finds themselve in a similar situation in the future, they'll be more inclined to act appropriately if they see a sufficiently large negative reaction to the way in which CRC have handled this situation.

TinyExplosions

I have no opinions on this matter

Lemag wrote: »

Read the first option in the petition. Whatever about CRC's future behavour, if another company, say Wiggle, finds themselve in a similar situation in the future, they'll be more inclined to act appropriately if they see a sufficiently large negative reaction to the way in which CRC have handled this situation.

I have read it, and my question still stands. What do you class as sufficiently dealing with this situation? To me that would be increasing security so that it doesn't happen again, which they may have already done, or it could be that the 'situation' is no longer the hack resulting in loss of credit cards, and is now just a bit of PR that you disagree with, in which case it would seem that they are unlikely to reverse the situation, as it wouldn't really be in their interest to stick a big "We were hacked a number of weeks ago folks, but it's fixed now" type of message on their website... yes they could have handled it better at the time, but that's passed now. Or is it just until the people who've emailed them get the canned reply that's been stuck up here by others, and CRC themselves, into their own inboxes?

blorg

They should have notified their customers. They still have not done so. That really is inexcusable. Notification of customers is a legal requirement in some jurisdictions (unfortunately not in the UK) and is The Right Thing To Do.

Lemag

I intend to keep buying from CRC if it suits me to do so

TinyExplosions wrote: »

I have read it, and my question still stands. What do you class as sufficiently dealing with this situation? To me that would be increasing security so that it doesn't happen again, which they may have already done, or it could be that the 'situation' is no longer the hack resulting in loss of credit cards, and is now just a bit of PR that you disagree with, in which case it would seem that they are unlikely to reverse the situation, as it wouldn't really be in their interest to stick a big "We were hacked a number of weeks ago folks, but it's fixed now" type of message on their website... yes they could have handled it better at the time, but that's passed now. Or is it just until the people who've emailed them get the canned reply that's been stuck up here by others, and CRC themselves, into their own inboxes?

I intend to boycott CRC until I am happy that they have sufficiently dealth with this situation

It's up to the individual. For me it would be an email, generic or otherwise, informing their customers of the fraud. Idealy detailing all pertinent information that they were able to uncover with their

CRC Customer Support wrote: »

completed a full forensic investigation

and information posted on their site.

Since they haven't been responding to emails what other course(s) of action does that leave their customers have other than to boycott them and to ask others to do likewise? How else will they receive the proverbial 'boot up the hole' that they deserve/need?

TinyExplosions

I have no opinions on this matter

Lemag wrote: »

It's up to the individual. For me it would be an email, generic or otherwise, informing their customers of the fraud. Idealy detailing all pertinent information that they were able to uncover with their and information posted on their site.

It's highly unlikely that they'll post any details of what was uncovered -it would be very unusual for anyone subject to a security breech to go into those kind of details, it would usually be along the lines of "we were hacked, we figured out why and have fixed it", which is what they have done in the emails that were sent out, and in the postings on boards and elsewhere

Lemag wrote: »

Since they haven't been responding to emails what other course(s) of action does that leave their customers have other than to boycott them and to ask others to do likewise? How else will they receive the proverbial 'boot up the hole' that they deserve/need?

Well, seeing as they've put the form letter they were sending out to people up on this forum, you could very well say that they have informed boards users that fraud happened and has been fixed. Yes, it's not a direct email, but we've all seen it, and for all we know there's hundreds of responses sitting in junk filters all over the place.

I think that the credit card providers would provide any boot up the hole necessary

Lemag

I intend to keep buying from CRC if it suits me to do so

I actually just thought of another way to protest their behaviour. Perversely, give them some extra business. Find the cheapest item which they sell. Place individual orders for it and have them shipped to the furthest place to which the offer free delivery

Lemag

I intend to keep buying from CRC if it suits me to do so

TinyExplosions wrote: »

Well, seeing as they've put the form letter they were sending out to people up on this forum, you could very well say that they have informed boards users that fraud happened and has been fixed. Yes, it's not a direct email, but we've all seen it, and for all we know there's hundreds of responses sitting in junk filters all over the place.

Their letter was disingenuous to say the least -

CRC Customer Support wrote: »

Hi Folks,

First of all, apologies for not picking up on this thread earlier. We monitor a large volume of cycle specific forums and have posted our response to this issue on many of those but unfortunately Boards.ie slipped under our radar. As you can see from our official response below the issue has been identified and resolved. We would still like to encourage anyone affected who has not already contacted us to get in touch by emailing us at enquiries@chainreactioncycles.comand we will be glad to help you.

We have completed a full forensic investigation following recent reports and concerns from our customers experiencing credit card fraud after placing an order with CRC.

The independent forensic investigation has shown that our infrastructure has been the target of a number of sophisticated attacks which has resulted in the theft of card details relating to a very small number of our customers. Details were being stolen ‘real time’ so only recent customers of CRC are being affected.

Recent customers of CRC may find that, as a precaution, their credit card company will reissue a new card. Be assured that if this does occur it does not indicate that your details have been compromised.

The access point of the theft has been indentified and permanently closed off so we are confident that we have fully addressed any weakness in our infrastructure.

We are sincerely sorry for what has happened in recent weeks and would like to thank you for your patience and support throughout this difficult period.

Our site is safe to use and will be continually monitored and tested by independent on-line security experts to ensure your details are safe.

Thanks again for your patience and support,

Michael Cowan
CRC Senior Management

doozerie

TinyExplosions wrote:

It's highly unlikely that they'll post any details of what was uncovered -it would be very unusual for anyone subject to a security breech to go into those kind of details, it would usually be along the lines of "we were hacked, we figured out why and have fixed it", which is what they have done in the emails that were sent out, and in the postings on boards and elsewhere

It depends on the "details" that you are talking about here. Me, I believe it is perfectly reasonable for them to indicate the start and end dates of the compromise, even if only in terms of the start and end months. They have a certain duty of care towards the private information that customers provide to them (credit card details are the main concern here but it extends to other personal information as well), and if they are negligent in protecting that information then they should at least be forthcoming with something more than "We wuz hacked. Oops. We're grand now though. Thanks, Bye!" response that they've stuck to since they admitted discovering the breach. As already mentioned, in some jurisdictions there are legal requirements on retailers to protect such information, in others there are not. The law is unfortunately weakly applied in this area generally, something which will hopefully change sooner rather than later because the likes of CRC seem unwilling to adhere to any moral or professional obligations.

My interest in this is more than just academic - I used my credit card on their site last November (for reasons that I can't figure out right now, considering I was using Paypal on their site for a while by then) and I have no way of knowing if this issue dates back as far as then. It *probably* doesn't go back that far but the point is that CRC have provided no information that gives me any comfort in making that assumption so it's quite possible that my credit card details have been exposed too. Their attitude is essentially, "Screw you, we're just fine, so shush", which for a business is usually a stance that's akin to shooting yourself in both feet.

Undercover Elephant

I have no opinions on this matter

Lemag wrote: »

A business can operate whatever it wants to within the confines of the law in order to maximise its profits(or outside the law if they are an Irish bank:rolleyes:). The consumer, if unhappy with the behaviour of a particular business, is within their right to choose not to give them their custom and to ask others to not do so also. If the request is unreasonable then they are unlikely to receive much support from other consumers

Of course - no one disputes that. I am just asking you whether you would do what you are suggesting in your own business. I can't honestly say that I would - the website notice at least. Why would you alert people who don't already know of the problem? If you would, why stop there? Why not put your entire customer complaints file online, with a big red banner linking to it on the front page?

I tend to agree that they should have contacted everyone whose card might have been affected, but does anyone actually do this in the real world? I have three times had a card skimmed (not CRC) and heard squat from the retailer responsible.



Edit: There's also no point just withdrawing your business if you're trying to get them to change behaviour, rather than just because you don't trust them. You also need to let them know you are doing it, why, what is expected of them and what would make you come back. This isn't addressed to the OP, who has clearly done all of this, but to anyone who is thinking of doing a silent boycott.

Deisetrek

I intend to keep buying from CRC if it suits me to do so

Undercover Elephant wrote: »

Of course - no one disputes that. I am just asking you whether you would do what you are suggesting in your own business. I can't honestly say that I would - the website notice at least. Why would you alert people who don't already know of the problem? If you would, why stop there? Why not put your entire customer complaints file online, with a big red banner linking to it on the front page?

I tend to agree that they should have contacted everyone whose card might have been affected, but does anyone actually do this in the real world? I have three times had a card skimmed (not CRC) and heard squat from the retailer responsible.

In actual fact it would not have been any harm for CRC to have put a big red banner as you call it, or a pop up on the front page . I have a similar phising alert on my bank page every time I open it . Does it stop me using the online services? ...no but I appreciate the tip off . CRC have cocked up major on this and it's pathetic response will likely be costly , and rightly so ( even if it turns out to be only temporary) .

Undercover Elephant

I have no opinions on this matter

Deisetrek wrote: »

In actual fact it would not have been any harm for CRC to have put a big red banner as you call it, or a pop up on the front page . I have a similar phising alert on my bank page every time I open it . Does it stop me using the online services? ...no but I appreciate the tip off .

That's not the same thing, though, is it? That's a warning against being taken in by fake web sites. The bank isn't saying "we screwed up". It's saying, "we're safe, so make sure you don't screw up".

Do you really appreciate the tip off? Bugs the sh1te out of me.:rolleyes:

velo.2010

Who got a voucher and how long did it take?

I sent off a strongly worded but polite email about the hassle of having my money refunded, fraud forms to fill out and so on. I got an automatic reply email about their office hours etc. and that they'll be in touch.

A voucher might just ease the pain!

Lemag

I intend to keep buying from CRC if it suits me to do so

Let me tackle your question again

Undercover Elephant wrote: »

Would you do this in your own business?

Consumer confidence is a huge part of ecommerce.

When they release a letter stating

CRC Customer Support wrote: »

apologies for not picking up on this thread earlier. We monitor a large volume of cycle specific forums and have posted our response to this issue on many of those but unfortunately Boards.ie slipped under our radar.

Unlikely given that cycling forum on boards.ie is probably the most frequented cycling forum in Ireland. I'm going with this being a lie on CRC's behalf.

CRC Customer Support wrote: »

We have completed a full forensic investigation following recent reports and concerns from our customers experiencing credit card fraud after placing an order with CRC.

So CRC will have known when the fraud took place and CRC will have email contact details for all online orders placed with credit cards during this time. So CRC should email the affected customers. Unless of course CRC are lying and have not actually done a "full forensic investigation"

CRC Customer Support wrote: »

sophisticated attacks which has resulted in the theft of card details relating to a very small number of our customers.

It would appear as though everyone who used their credit card for a CRC transaction during certain (unreleased) dates was stung. So the number is actually not SMALL. Another smoke-screen/lie?

CRC Customer Support wrote: »

We would still like to encourage anyone affected who has not already contacted us to get in touch by emailing us at enquiries@chainreactioncycles.comand we will be glad to help you.

So where are the responses to the numerous emails which CRC have requested? More BS :rolleyes:

CRC Customer Support wrote: »

Our site is safe to use and will be continually monitored and tested by independent on-line security experts to ensure your details are safe.

Given the amount of BS in the above and CRC's total disregard for their customers so far regarding this matter why should one believe that they are tell the truth when they claim that their site is now safe and that it will be "continually monitored"

If they had tackled this head on from the beginning I would be more inclined to take their word for it regarding their communication of the situation and I would be more inclined to trust the security of their site or that with their merchant service provider.

As you mentioned in another Undercover Elephant, an individual's silent protest would be pretty pointless. However, if their business is sufficiently negatively impacted by a mass boycott then they will be forced into action on the situation.

Captain Havoc

I have no opinions on this matter

I just ordered from them.

Deisetrek

I intend to keep buying from CRC if it suits me to do so

Captain Havoc wrote: »

I just ordered from them.

G'wan ya daredevil

_DMac_

I have no opinions on this matter

and this is why i only use 3v vouchers where possible when buying stuff off the interwebs... crc made a balls of what they done after the fact but its still a very common occurrence and it all ways will be no matter what site you use.

Lemag

I intend to keep buying from CRC if it suits me to do so

Captain Havoc wrote: »

I just ordered from them.

Well you've sure shown them...


Unless

Lemag wrote: »

I actually just thought of another way to protest their behaviour. Perversely, give them some extra business. Find the cheapest item which they sell. Place individual orders for it and have them shipped to the furthest place to which the offer free delivery

Captain Havoc

I have no opinions on this matter

Lemag wrote: »

Well you've sure shown them...


Unless

I wasn't trying to show them anything. They fooked up, they don't care and neither do I.

Hail 2 Da Thief

I intend to keep buying from CRC if it suits me to do so

Lemag wrote: »

Well you've sure shown them...

Petition to remove CH as a mod?

at1withmyself

Captain Havoc wrote: »

I wasn't trying to show them anything. They fooked up, they don't care and neither do I.

I ordered aswell shortly after the fraud. I was happy with there response when I contacted them on the matter and the 30 pound sterling voucher with no conditions really helped to keep me happy.

Once they have better prices on items I'm not gonna stop shopping there. It was a bit of an inconienence but all sorted and bank has refunded the funds removed and information passed onto the guards.

They posted details up on internet forums and I wouldn't expect any internet company to place a banner on the front page warning against fraud but that's just my thoughts! Matter closed as far as I'm concerned.

penexpers

I intend to keep buying from CRC if it suits me to do so

The PSN was attacked over the last few days and this is their response

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/

This is exactly the way CRC should have handled the response to their attack.

Alkers

I intend to keep buying from CRC if it suits me to do so

Shocked to see this tbh, always had found them very professional in the past. Will hold off on using them until this is rectified.

Micilin Muc

penexpers wrote: »

The PSN was attacked over the last few days and this is their response

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/

This is exactly the way CRC should have handled the response to their attack.

The response wasn't handled well by Sony, according to RTÉ:

A Sony spokesman said it took 'several days of forensic investigation' after learning of the breach before the company knew consumers' data had been compromised.
The news sparked fury among users.
'If you have compromised my credit information, you will never receive it again,' read one message on the PlayStation Network blog from a user under the name Korbei83.
'The fact that you've waited this long to divulge this information to your customers is deplorable. Shame on you.'

blorg

Micilin Muc wrote: »

The response wasn't handled well by Sony, according to RTÉ:

Sony are being criticised for waiting a few days before notifying customers. CRC have had near 2 months (that we know of) and still have not notified affected customers.

TinyExplosions

I have no opinions on this matter

blorg wrote: »

Sony are being criticised for waiting a few days before notifying customers. CRC have had near 2 months (that we know of) and still have not notified affected customers.

Which only goes to show that no matter how they handled it, there'd still be loads of pitchfork waving people saying it wasn't good enough. Hell, there were even a few around when boards got hacked, and they emailed everyone within 22 minutes. It's a no win situation

ednwireland

I have no opinions on this matter

yawn, bored with this now ive had my card repklaced and transactions removed before, the credit card co wouldnt tell me why who or how (except that it wasnt my fault) yes i will carry on using CRC (with paypal)
honestly internet security is so poor i'm amazed it doesnt happen more often

AstraMonti

I intend to keep buying from CRC if it suits me to do so

I think you guys are taking this too lightly and it's quite a serious problem knowing that your systems have been compromised and not notifying customers.

I ll give you an example, my sister (non geek-non cyclist) bought me a present from CRC which I have completely forgotten about it. Therefore last week she got done while she was on her easter holidays so she had to cancel the card and rush to complete forms and all kinds of BS to verify that the transactions were fraudulent. Lost a morning off her holidays plus her credit card for the rest of the trip and all of that because of the lack of communication from CRC side, it's totally not acceptable from my point of view.

TinyExplosions

I have no opinions on this matter

AstraMonti wrote: »

I think you guys are taking this too lightly and it's quite a serious problem knowing that your systems have been compromised and not notifying customers.

I ll give you an example, my sister (non geek-non cyclist) bought me a present from CRC which I have completely forgotten about it. Therefore last week she got done while she was on her easter holidays so she had to cancel the card and rush to complete forms and all kinds of BS to verify that the transactions were fraudulent. Lost a morning off her holidays plus her credit card for the rest of the trip and all of that because of the lack of communication from CRC side, it's totally not acceptable from my point of view.

That's the last present she buys you

doozerie

ednwireland wrote:

honestly internet security is so poor i'm amazed it doesnt happen more often

The means of adequately securing information transferred via, or stored "on", the Internet are actually quite good, what tends to suck is the implementation by individuals or their companies. Many people/companies simply opt to take a very casual approach to security and they, or more likely their customers, pay the price.

Of course there are also those that take security seriously but who still get hacked, but that requires significant skill and effort on the part of the hackers whereas those who take security less seriously are far easier targets. Who knows which category CRC fall into but given their poor response to their customers I can't help feeling that they don't put securing their customer details very high up the priority list.

penexpers

I intend to keep buying from CRC if it suits me to do so

TinyExplosions wrote: »

Which only goes to show that no matter how they handled it, there'd still be loads of pitchfork waving people saying it wasn't good enough. Hell, there were even a few around when boards got hacked, and they emailed everyone within 22 minutes. It's a no win situation

Yes, but at least now everyone who uses PSN knows their data may have been compromised and can cancel their card ahead of any possible fraudulent use. With CRC, people who don't use Facebook/Twitter/various forums are going to continue to get stung, because they are oblivious to the fact that CRC was compromised.

I take your point that no one (probably) loses any actual cash but it's a major inconvenience if you have to cancel your card and fill in forms etc.. especially if you are away or are about to go away and are depending on your CC.