[Sca-cooks] Pennsic Credit Card Problems?
Terry Decker
t.d.decker at worldnet.att.net
Thu Aug 28 16:14:28 PDT 2008
>
> Bear suggested:
>>The scenario Alys describes makes me suspect that hers was among the 40
>>million card numbers that were lifted about six weeks ago from, IIRC,
>>Marshall Fields computers. As I recall, purchases at T.J. Maxx, Marshall
>>fields and Barnes and Noble may be part of the compromised data.
>
> Well, unless the data had been collected years ago, I don't frequent these
> stores. Last purchase in T.J. Maxx might have been 8 years ago - and I
> usually use cash. Ditto for Barnes and Noble. They aren't nearby so I
> use
> Borders/Waldenbooks.
>
Working from memory, I misspoke. They indicted 11 people involved in the
theft of 40 million card numbers at the beginning of the month. The
investigation has been running since 2006. The numbers were stolen from
TJX, which is the parent company for a large number of other companies
including the ones above, Boston Market, OfficeMax Sports Authority and many
other companies. No one has stated the temporal range of the data. No one
has said how many of the card numbers have been used in frauds.
> Niccolo suggested:
>>Even perhaps a local store or marketplace where several people frequented
>>before, during or after the war.
>
> I never leave site; I don't use a credit card for gas or groceries.
> That's
> why this has been so puzzling. I'd heard rumors of somewhat-organized
> thieves attending Pennsic and then stealing from tents, which can't be
> locked. I wondered if it were possible to snag all those lovely credit
> card purchase numbers from our event. I certainly trust the folk at
> Devra's. I had purchases for much smaller amounts at two other merchants
> around the time I bought books from Devra - and one late in the War.
> There
> are no fraudulent charges prior to my purchases from Poison Pen, so all
> the
> fraudulent charges took place after I was at War.
>
> Alys, with a new credit card number
>
> Elise Fleming
There is no reason to believe that your credit card information was stolen
at Pennsic. The fact that the fraudsters started using it while you were at
the war is a casual relationship.
Unless all of the credit cards at Pennsic go through a single wireless
network, which I doubt from my experiences with the Norman MedFaire,
wardriving is highly improbable. Your data would have been stolen at a time
you were using your card and it was out of your sight. In such a case, the
person running your purchase often swipes the card through a data collection
scanner as well as the credit card scanner. That's the easiest way to
directly steal the data. If the data was stolen at the war, then there
should be a rash of credit card fraud among the participants.
The fact that the people using your card in Florida actually had a card
tells me they were pros and that they probably bought the credit card
information in bulk for about $10 a card number. They were using cards, so
they probably had identification to match. Neither of these is particularly
difficult to manufacture, but they do take some time and there are expenses
for the equipment, card blanks and legitimate looking driver's license
blanks. The fraudsters probably had your information several days to
several weeks before they used it. Using the card at BP stations and
ToysRUs rather than to purchase big ticket items that could be resold,
suggests that the people who cloned your card are pushing paper rather than
using the cards directly. Had your card info been purchased on the
internet, it would have been used on the internet and likely been maxxed out
in a few hours.
To repeat (boringly) myself, if your information was stolen directly, it
will have likely been at some point when you were using the card, but it was
out of your direct sight for a minute or two. If it was lifted from a
database, you will probably never know how or where they got the
information. Most states don't have a law to inform you when your
confidential information has been compromised.
In case you have an interest in identity theft, credit card fraud and
preventing them, try Frank W. Abagnale's Stealing Your Life. In my opinion,
it's the best general book on the subject available.
Bear
More information about the Sca-cooks
mailing list