|
March 8, 2007 | #1 |
Tomatovillian™
Join Date: Feb 2006
Location: Warm Springs, GA
Posts: 1,421
|
Johnny's Selected seed
I feel I have to report I do (did) like Johnny's seed but I recieved a letter from them today it READS
I am contacting you to advise you that an Unauththorized person from outside Johnny's broke into our website and stole our data. WE DISCOVERED the theft on Sunday February 18 2007. Your name address phone number and payment information including your credit card number ending in xxxx, were amoung the records stolen. I JUST got off the phone with my credit card company and it WAS charged up and we had to close it The letter was dated the 27th. WHY DIDNT THEY call me or write sooner????? Last edited by Rena; March 9, 2007 at 01:58 AM. |
March 8, 2007 | #2 |
Tomatoville® Moderator
Join Date: Jan 2006
Location: Hendersonville, NC zone 7
Posts: 10,385
|
I got the same letter, Rena, but am not done with them yet (anyone who shops at TJMaxx, Marshalls, etc are also at risk, because their system was also hacked the millions of credit cards numbers stolen). My view is that once they discovered this, they had to go through a process to find out what the possibilities were, confirm next steps, etc. I am sure they have many customers, and communication did take some time. Not making excuses, but I don't think that many companies do risk management very well, and are particularly good at reacting to these new types of cybercrime.
__________________
Craig |
March 8, 2007 | #3 |
Tomatovillian™
Join Date: Feb 2006
Location: Den of Drunken Fools
Posts: 38,539
|
That really stinks, I wonder how many costumers they have and how much information the bandits got away with.
Now I'm glad I never ordered from them. I'm sure that they had to call or write 1,000s to tell about the break in and that is the reason they got to you when they did. Sorry to hear about it. Worth |
March 8, 2007 | #4 |
Tomatovillian™
Join Date: Feb 2006
Location: Virginia Beach
Posts: 2,648
|
I haven't placed an order with them for about a year and have not received a letter yet. I guess I'd still better check my credit cards.
__________________
Michele |
March 8, 2007 | #5 |
Tomatovillian™
Join Date: May 2006
Location: SW Kansas
Posts: 339
|
I was involved in a credit card theft with another company and they used email and phone numbers to contact me and others very quickly. I have read the responses left on Dave's watchdog and it appears they were very slow about making any responses. I was thinking about ordering from them but probably never will now. Too many more to order from. Jay
|
March 8, 2007 | #6 |
Tomatovillian™
Join Date: Feb 2006
Location: Warm Springs, GA
Posts: 1,421
|
On NO!!! I shop at TJMAX . I cant win. OK Craig, I will call and listen to the excuse and then confirm. I can't help it I really like them................ I love the catalog, It is so helpful.
|
March 8, 2007 | #7 |
Tomatovillian™
Join Date: Feb 2006
Location: MO z6a near St. Louis
Posts: 1,349
|
I got a letter from Johnny's, too. Maybe now that the horse is out of the barn, they'll put a more robust system in place. At least they told us. Some places don't.
__________________
--Ruth Some say the glass half-full. Others say the glass is half-empty. To an engineer, it’s twice as big as it needs to be. |
March 8, 2007 | #8 |
Tomatovillian™
Join Date: Feb 2006
Location: NJ Shore
Posts: 189
|
A week ago a guy from my credit card company called and asked me if I had made a purchase from a certain place. When I said I hadn't, he asked about another place. Again I had not made a purchase there. He told me right out that my credit card was cancelled, was dead, and I should not use it again. He said I would get a new card in a few days, and I got it yesterday. New number, new card.
I think it was great that they caught this on my card. I do imagine the 'purchases' were large and unusual for me. I think they did a great job in stopping it. I will say it was a Discover card, might as well give them credit for handling it. By the way, I had not purchased from Johnny's Selected Seeds. ...........Doris, NJ |
March 8, 2007 | #9 |
Tomatopalooza™ Moderator
Join Date: Jan 2006
Location: NC-Zone 7
Posts: 2,188
|
Wow Rena, this has not been a good week for you. I hope you can
get this resolved..... Lee
__________________
Intelligence is knowing a tomato is a fruit. Wisdom is knowing not to put one in a fruit salad. Cuostralee - The best thing on sliced bread. |
March 8, 2007 | #10 |
Tomatovillian™
Join Date: Dec 2006
Location: Corpus Christi,Texas Z9
Posts: 1,996
|
I received the same letter and luckily I lost nothing. I still cancelled the card and it was a bit of a hassle, but I would have to believe that they will respond in a way that would make it more difficult for hackers in the future. I had not purchased from them in awhile, so I didnt understand why my info was still in their system. Learning experience for them, and I believe they will do everything possible to prevent it from happening in the future. Its in their best interest to do so.
|
March 8, 2007 | #11 |
Tomatovillian™
Join Date: Mar 2007
Location: North Florida
Posts: 82
|
I received the letter too. Luckily nothing had posted yet on my card before I cancelled it.
|
March 8, 2007 | #12 |
Tomatoville® Administrator
Join Date: Jan 2006
Location: The Bay State
Posts: 3,207
|
I'd hate to see anyone stop supporting Rob Johnston's employee-owned company solely because some scumbag hacker managed to break into his server and steal customer billing data.
Johnny's Selected Seeds has always offered great service and competitive prices. The sad fact is, as fast as security holes are discovered and patched, determined hackers are working feverishly to find new ones to exploit. There are companies overseas that actually employ net-savvy programmers for the sole purpose of hacking financial institutions and other places where sensitive financial data is processed and stored. It's a multi-billion dollar black market business. There's also a catch-22 situation when it comes to publicly announcing that you've been hacked. Not only do you risk alienating customers and future sales, you also draw attention to your company from the many hacker groups out there. These groups take a perverted pride in competing with each other to be the first to break into a company's data network AFTER the company has acknowledged a breach, just to gain "street credibility" for their hacking skills. I'm not making excuses for Johnny's, TJX, CitiGroup or any other company that has had their data stolen. I just want you to know that the odds are stacked in favor of the scumbags...and not the honest companies and individuals out there. Please keep this in mind before you decide to punish them further by taking your business elsewhere.
__________________
Mischka One last word of farewell, Dear Master and Mistress. Whenever you visit my grave, say to yourselves with regret but also with happiness in your hearts at the remembrance of my long happy life with you: "Here lies one who loved us and whom we loved." No matter how deep my sleep I shall hear you, and not all the power of death can keep my spirit from wagging a grateful tail. |
March 12, 2007 | #13 |
Tomatovillian™ Honoree
Join Date: Mar 2007
Posts: 507
|
I agree with you Mischka. Johnny's has always done superbly by us. Great products, good price and wonderful customer service. It is too bad this happened, but this is not the least unusual - whether or not you order online. One of my sisters has had BOTH of her credit/ATM cards replaced this year from two different banks because hackers had accessed the data bases. She's one of those that never buys anything online and doesn't bank online either.
|
March 9, 2007 | #14 |
Tomatopalooza™ Moderator
Join Date: Jan 2006
Location: NC-Zone 7
Posts: 2,188
|
I suspect the best way to avoid this problem for most companies, is not security, but to not keep the data in the first place.
For future transactions, their system should delete the credit card information once payment has been secured. No credit information on site, no chance of any hacker getting the data.... Lee
__________________
Intelligence is knowing a tomato is a fruit. Wisdom is knowing not to put one in a fruit salad. Cuostralee - The best thing on sliced bread. |
March 9, 2007 | #15 |
Tomatovillian™
Join Date: Dec 2006
Location: Corpus Christi,Texas Z9
Posts: 1,996
|
agreed Lee and I will do business with them again Mischka
|
|
|