

Woothemes.com Credit Card Leak - GiantTitan

WooThemes.com -- 3 days ago there was a leak of credit card data, and they didn&#x27;t tell anyone. I&#x27;ve had over 10k in charges on the two cards I have on file with them. They haven&#x27;t told their customers to warn them. This news needs to be made public so people can protect themselves and I just want to prevent this from happening to anyone else.<p>Here was my correspondence with support.<p>Thomas <i></i><i></i>* May 08 18:54
Two credit cards that I have used on your system has ended up with credit card fraud. One card was only used on this website. It was a brand new card. I have read online that your checkout is not secure. You have cost my business thousands of dollars and time I can never recover. I will be reporting your company to the credit companies for further investigation.<p>Hi Thomas, I&#x27;m very sorry to hear that your card has been used fraudulently! We have had a few reports today of similar issues from other customers. You should contact your CC company and cancel the cards and report the fraudulent transactions if you haven&#x27;t already done so. The common practice is that they will not charge you for the fraudulent transactions, and issue you a new card. We take this very seriously and we are investigating this with our hosting provider and security experts, along with our current payment gateway. We will let you know once we have more information on this issue. Sorry for the inconvenience!
Regards, Magnus Jepson Co-Founder<p>The scammers who used my credit card information decided to book hotel rooms in Paris under their real names and use their personal email addresses. The hotel was nice enough to disclosed the booking information to me.
facebook&#x2F;ajibola.moshood.10
facebook&#x2F;ademosu.akintundemoses
======
markforrester
Hi Thomas (and all affected WooThemes customers). We are really sorry about
this inconvenience. We are trying everything we can to get to the bottom of
this as fast as humanly possible.

We have an official statement on our blog on this matter -
[http://www.woothemes.com/2014/05/important-info-for-
wootheme...](http://www.woothemes.com/2014/05/important-info-for-woothemes-
customers/) that we have also sent out to all our customers.

Mark Forrester (WooThemes Co-Founder)

------
amarcus
File a charge back with your credit card provider / bank. It should be common
knowledge to all credit card holders but, I have found that many people don't
know about it.

You can file a charge back against any item on your statement. The bank will
immediately return the money to you. No questions asked. They will then go
back to the merchant to reclaim the money.

The merchant must then prove that the charges on your credit card were
legitimate. The merchant does this by sending the bank any documents they
have. The bank will send these back to you asking you to verify. If you verify
that it is a legitimate transaction, you pay for it. Otherwise, you can
continue with your dispute and will walk away with all your money back. The
merchant will have to pay the bank back plus a penalty ($15-30).

I use my credit card more than any other payment method because I know that I
can file a charge back on anything on my statement that I don't recognize.

------
krogsgard
Here's a rundown of the whole thing, including some discussion with and a
response from WooThemes: [http://www.poststat.us/woothemes-investigating-
alleged-websi...](http://www.poststat.us/woothemes-investigating-alleged-
website-vulnerabilities/)

------
stockliasteroid
Same here. I have a business debit card (bad idea, I know) that I wasn't
actually able to complete a purchase with due to Woo being a UK company. That
didn't stop the card number theft, though, I had over $3k of fraudulent
charges before the bank shut the card down. Spent all morning filling out
dispute forms. Good news is I shouldn't be liable for any of it. Charges were
from all over the US.

Bad news for Woo, issues like this cost a LOT of money to resolve. They better
own up to it soon, this will be a major blow to their reputation if they
don't.

------
ereckers
I just received 2 fraudulent charges on the 12th.

These guys claimed they emailed their customers on the 9th:

    
    
      http://www.woothemes.com/2014/05/important-update/
    

I didn't receive that email. Wish they could have done more.

As far as the charges. These days it's easy enough to file a claim, a
chargeback, and have your money credited back to your account.

------
justinmacleod
Yup, this also explains why my new (2 month old) credit card was compromised.
My bank already flagged the transactions as suspicious and I even have my
replacement card waiting for pickup. My purchase was made over 10 days ago,
how freaking long has this been going on for?

------
alopes
This explains why I had a fraudulent charge about 3 days ago...

~~~
codecondo
so you're trying to say that you didn't care about it for 3 whole days,
awesome!

------
tszming
Look like their payment gateway has terminated or suspended their account and
they now only accept PayPal.

