Has anyone asked madvapes what processing center was breached? I've got a list of what PCs the vendors I frequent use and would like to know.
I agree with one key point on each of what seem to be two sides here - so I'll voice my opinions
1) The vendors need to do what's necessary to solve the issue. If you want to sell online, you need to make it safe to use a credit card. Whether it's lobbying PayPal or locating a better processor - figure it out!!
(MANY of the vendors seem to use the same cart - maybe go to that company and threaten to pull down. "Fix your system of lose twenty of us"
2) On the other hand - while I understand the frustration of the OP, you HAVE to prefer MadVape's cancelling orders, and taking responsibility, and notifying their customers. What else could they do? They could have been less responsible and NOT notified you - that's worse - so at least give them credit for "doing the right thing". Too often these days, businesses do NOT "do the right thing" when there's a risk it will cost them something... So I'd be angry this is happening - but not especially angry at madvapes - rather, it would tend to make me trust them MORE than some other place that had NOT done anything about fraud against their customers...
Just a friendly reminder that I've not seen here.
If you have "accounts" with any of the vendors who were robbed of data, change your passwords immediately. If that user name and password is also used anywhere else (bad practice...) change those too.
Oh gawd, is this really necessary? Admittedly, I have used the same user name and password at numerous vaping supply sites.
How many user names and passwords is a person supposed to remember?!?!?!
I've ordered from at least 10 sites, do I really need different user names and passwords for every one?
If so, ordering online has officially become too complicated for me!!!
Not yet. Did you?The same thing happened to me. Did you send in a ticket?
I am new to this forum and this whole industry. I have had credit cards for decades and in the last 20 years have had only two problems. Once I lost my credit card. And the second time was a magazine subscription I got from someone door-to-door. I agree with the previous poster about most of these ecig companies are mom and pop operations (although MadVapes seems to be larger). Everyone is trying to save a buck and is not spending the time or money to properly protect themselves and their customers from easily being hacked. I want to purchase my first setup and juices, but I don't want to expose myself to the fraud. Think I will call a few of the companies and see if they will take a check, I'll wait for the goods. It's the companies that need to up their security procedures. Just my opinion, though.
I have a pocket - sized notebook that I keep all of my passwords in.Oh gawd, is this really necessary? Admittedly, I have used the same user name and password at numerous vaping supply sites.
How many user names and passwords is a person supposed to remember?!?!?!
I've ordered from at least 10 sites, do I really need different user names and passwords for every one?
If so, ordering online has officially become too complicated for me!!!
MV contacted me today. They sent out a replacement pkg. I would send in that ticketNot yet. Did you?
I'll wait til the mail comes tomorrow and if it doesn't arrive, I'll send one in.
You're welcome MarbI sent in a ticket and they're resending mine as well.
Thanks for the heads-up ;-)
Not unless you are using a land lineJust got off the phone with MV. Ended up re-placing my order from over the weekend. Dude said that in the future, I can just put whatever items I want in my online shopping cart, give them a call, have them pull it up, and pay for it over the phone. Sounds about as secure as swiping my card at a B&M store to me.
And now with that new age verification law, I'm supposed to provide not only my name and address, but also my exact date of birth, and of course credit card info that all flows through their servers. Uh, I have a huge issue with that. I try to never give anyone my exact date of birth. I think they need to rethink their system.
I'd also love to know how some third party comes up with that through public records. Where are the "public" records that include exact birth date? I know some have age, but if some records aggregator is selling access to my exact date of birth as a "public" record, I'd be interested to know who that is.