Comments on: How Hackers Took Subway Customers for Millions of Dollars Due to Franchisees' Incompetence

By: Minnie

Minnie — Tue, 03 Jan 2012 16:01:39 +0000

I got an email from Capitol One a few weeks ago saying “Congratulations, your credit card balance of $4,796 from your Discover Card has been approved!”. I don’t have a Discover card.
After phone calls and some time the result is that although Capital One told me the Discover card number, they didn’t even know the name on the Discover Card. Discover card refused to tell me the name, I can’t blame them.

Credit was given back to me, the card was cancelled, but I can’t get any more info. I’d like to at least know the name of the person, TO SEE IF IT’S SOMEONE I KNOW. But nothing. You’d think it would be in everyone’s interest to provide me with more to help uncover this attempted crime.

The credit card world is indeed dangerous.

By: Klaus

Klaus — Sun, 01 Jan 2012 04:18:52 +0000

One thing I like about using a PayPal card is that it generates an email with every transaction. I’ve been able to stop fraud 3 times. No loses.

By: Bob Hall

Bob Hall — Sat, 31 Dec 2011 14:13:27 +0000

Why not list all 150 franchises? That would be helpful!

By: yogi-one

yogi-one — Sat, 31 Dec 2011 10:05:19 +0000

Small businesses and even some big corporations are hardwired not to do anything about security until AFTER a breach.

First, it involves expenditures that don’t immediately translate into profit, therefore spending on security is an unjustifiable expense.

Second, that’s right, most managers don’t know jack about computer security, and frankly, don’t care about it. This goes double if they are over 40 years of age and became adults before computers were ubiquitous. And they don’t want to admit they don’t know. Younger employees don’t press them on it because they don’t want to piss off the boss by appearing smarter than the boss. So small non-tech enterprises don’t talk about it.

Third, they figure if it becomes a problem, they’ll fix it. A great strategy for a milkshake machine, but a FAIL strategy for computer security.

Result: they end up getting hacked by junior high schoolers and then they REALLY look stupid.

You wonder when business owners are going to get the memo, but they just don’t. How can you feel sorry for someone who simply refuses to educate themselves and get up to speed on this critical issue?

By: candy

candy — Fri, 30 Dec 2011 18:26:20 +0000

thank you. i rarely use debit card but know not to trust subway now.

By: John

John — Fri, 30 Dec 2011 01:52:13 +0000

In the Washington Mutual days I received a phone call from their fraud division asking about unusual activity on my card. They were correct and advised they were sending me a replacement card. (By the way, they did not ask me for personal info, but being distrustful I told them I would call them back…using the phone number on my billing.) About a week later they called to ask if I had received the new card, which I had not. They said they assumed I had not but what they caught on to was that my replacement card was already being used before I had a chance to use it. Hmmmm. So I was told to destroy the replacement card I would first receive…then when I received another card to phone their customer service listed on my billing and ask for their fraud division. They were on the ball!

By: Susan

Susan — Fri, 30 Dec 2011 00:11:47 +0000

Even lower tech: I was in a Racetrack paying for gas when one of the employees took a cell phone camera shot of a credit card (of the woman in front of me), turned it over and shot the back. the woman couldn’t see him as it was blocked by the cash register. I was on the line to the left and could see quite clearly. I told the woman and she didn’t believe me, but the cashier on my line did and called the manager.

By: Bob F.

Bob F. — Sun, 25 Dec 2011 02:33:53 +0000

Twice this year, my bank called me to say that my debit card info had been compromised and they were sending me a new one. The card never left my wallet, and I use only American Express and PayPal for online transactions. That means some other retail merchant(s) did what Subway did. Fortunately, I didn’t lose anything.

By: Bob F.

Bob F. — Sun, 25 Dec 2011 02:32:01 +0000

By: Cathy

Cathy — Thu, 22 Dec 2011 18:30:19 +0000

Happened to me at an Office Max once. Hackers had gained control of their debit machines and read off thousands of debit cards over the course of a few weeks before they got caught. The card numbers and pins were sold to criminals overseas, who went to ATMs that took names and pins without physical cards ti dispense cash. $1300 gone from my account in one weekend. Fortunately, the fraud department of Wachovia was cool with refunding the purchases since they were in Ul Grojeka and Ukraine. I was without any money for about two weeks, though. These days, I have a separate unlinked savings account with another bank in case any screwups like that happen…