Jump to content

ASAP - Data Breach


system 4-50

Featured Posts

3 minutes ago, soforene said:

.....it has prompted some to stick foil in their purse or wallet in a bid to prevent this from happening......

 

And they laughed at me when I started wearing my Tin Foil Hat.

Who's laughing now !!  :wacko:

Me actually, I think it's hilarious.

Link to comment
Share on other sites

21 minutes ago, MJG said:

My understanding is that if you make a number of transactions in quick succession with a contactless card (which a theif would do)  then contactless will be disabled temorarily and you will be required to enter your pin which if you do incorrectly three times in succession your card will be blocked (as has always been the case).

 

This has happened to me twice but I can't recall how many transactions I'd made in order to trigger this.

Except in Aldi on Apple pay.

Which is not a contactless card and has the additional phone security controls such as fingerprint etc.

Link to comment
Share on other sites

2 minutes ago, Chewbacka said:

Which is not a contactless card and has the additional phone security controls such as fingerprint etc.

Correct.

 

Apart from it is a contactless card, but a virtual one rather than a physical one. ;)

Link to comment
Share on other sites

36 minutes ago, Chewbacka said:

Poor example as contactless has a thirty quid limit??

See link several posts below yours:

Quote

From Tuesday, minimum spend on contactless cards per shop rises to £30 from £20, meaning more could be spent in a frenzy if a thief stole the card.

:P:D  But, granted, I'm still a couple of quid out in my example.

36 minutes ago, Chewbacka said:

Poor example as contactless has a thirty quid limit??

See link several posts below yours:

Quote

From Tuesday, minimum spend on contactless cards per shop rises to £30 from £20, meaning more could be spent in a frenzy if a thief stole the card.

:P:D  But, granted, I'm still a couple of quid out in my example.

Link to comment
Share on other sites

52 minutes ago, Chewbacka said:

Poor example as contactless has a thirty quid limit??

 

In addition, according to my bank each time the contactless total spent breaches £300, the card stops working in contactless mode and PIN entry is forced. 

 

This caps the use of a stolen card at £300, and possibly a good deal less. 

Link to comment
Share on other sites

59 minutes ago, WotEver said:

Just over 3 years

Yes, sorry badly worded.

I realised it was three yeras old, but wasn't sure if all it said would still be true.

 

Banks that were offering non-contactless cards then might not now be doing sdo, I suppose?

Sorry to confuse.

Link to comment
Share on other sites

Just had a update email

Dear Customer,
 
We are now able to confirm malicious software was present on our site between 21 August 20182pm to 10am on 25 September 2018.
 
If you used www.asap-supplies.com during this time, the data detailed below has been compromised, dependent on how you interacted with the website:
 
All customers inputting any of the following data during the above dates:
  • First and last name
  • Billing address
  • Shipping address
  • Phone number
  • Email address
 
PayPal and A.S.A.P Supplies Ltd account holders:
  • As above (no payment details compromised)
 
Customers who entered payment details and completed their purchase and customers who entered their payment details but did not complete their purchase:
  • As above, plus:
  • Card number
  • Expiry date
  • CVV - security code
 
What to do now?
If you have not done so already, please call the number on the back of your card and let the issuing financial institution know to cancel your card/s used on our site during these dates. Please also review your credit card and bank statements, looking for unfamiliar or suspicious activity. If you see a transaction that isn’t yours, contact your financial institution as a matter of urgency.
 
We sincerely apologise for this experience and want to reiterate that we are fully committed to protecting your data. We continue to work with the Police, Action Fraud and Information Commissioner’s Office (ICO) to investigate this incident in depth.
 
If you think you have been a victim of fraud please report it to Action Fraud, the UK’s national fraud and internet crime reporting centre, on 0300 123 2040.
 
If you have further questions or concerns, you can contact our customer services team on dsincident@asap-supplies.com who will do what they can to help you.
 
David Cottam
Commercial Director
A.S.A.P. Supplies Limite

It looks like if you had your payment details saved previously then you would have been okay, it's just if you inputted any of the details between those dates.

Link to comment
Share on other sites

On 01/10/2018 at 06:38, Scholar Gypsy said:

I use PayPal whenever possible,  to avoid giving card details to retailers' websites or their payment agents. 

The only thing is you lose the credit card protection. I also use Paypal a lot for smaller items

Link to comment
Share on other sites

I placed an order on 21st Aug. Having found the order confirmation email, it is date-stamped at 12:02pm - 2 hours before they say the malware was present. Unfortunately, I don't  trust these guys now and will be cancelling the card. Real pain though.

Link to comment
Share on other sites

8 minutes ago, ditchcrawler said:

The only thing is you lose the credit card protection.

However you do gain PayPal protection which is very good. I had an issue with TNT not delivering a package to Spain and they were becoming extremely difficult to deal with. I opened an issue with PayPal and had my costs refunded. A week later TNT contacted me and said “Why did you do that, we would have sorted it...”

Link to comment
Share on other sites

2 minutes ago, Big Bob W said:

I placed an order on 21st Aug. Having found the order confirmation email, it is date-stamped at 12:02pm - 2 hours before they say the malware was present. Unfortunately, I don't  trust these guys now and will be cancelling the card. Real pain though.

I've had good service from ASAP so will be using them again!

Link to comment
Share on other sites

6 minutes ago, Big Bob W said:

I placed an order on 21st Aug. Having found the order confirmation email, it is date-stamped at 12:02pm - 2 hours before they say the malware was present. Unfortunately, I don't  trust these guys now and will be cancelling the card. Real pain though.

It can happen to any company

 

Link to comment
Share on other sites

Latest update - so if you paid by ard between 21 August 2018 2pm and 10am on 25 September 2018, then they have captured your name, addrssses,phone number, emai, and most importantly all your card details including the CVC security number.

 

Not good (!), and the advice is to get your card cancelled and replaced.

 

 

Quote

 

Dear Customer,

 

We are now able to confirm malicious software was present on our site between 21 August 2018 2pm to 10am on 25 September 2018.

 

If you used www.asap-supplies.com during this time, the data detailed below has been compromised, dependent on how you interacted with the website:

 

All customers inputting any of the following data during the above dates:

·        First and last name

·        Billing address

·        Shipping address

·        Phone number

·        Email address

 

PayPal and A.S.A.P Supplies Ltd account holders:

·        As above (no payment details compromised)

 

Customers who entered payment details and completed their purchase and customers who entered their payment details but did not complete their purchase:

·        As above, plus:

·        Card number

·        Expiry date

·        CVV - security code

 

What to do now?

If you have not done so already, please call the number on the back of your card and let the issuing financial institution know to cancel your card/s used on our site during these dates. Please also review your credit card and bank statements, looking for unfamiliar or suspicious activity. If you see a transaction that isn’t yours, contact your financial institution as a matter of urgency.

 

We sincerely apologise for this experience and want to reiterate that we are fully committed to protecting your data. We continue to work with the Police, Action Fraud and Information Commissioner’s Office (ICO) to investigate this incident in depth.

 

If you think you have been a victim of fraud please report it to Action Fraud, the UK’s national fraud and internet crime reporting centre, on 0300 123 2040.

 

If you have further questions or concerns, you can contact our customer services team on dsincident@asap-supplies.com who will do what they can to help you.

 

David Cottam

Commercial Director

A.S.A.P. Supplies Limited

 

 

Link to comment
Share on other sites

Phew :

 

My email to ASAP

 

I placed an order with you during the above time-frame, but via telephone, I gave all of my details but do not know how you 'handle them' at your end. Do you simply enter them into the web-ordering page (as I would if I had ordered on line) or do you have a separate system which has not been compromised.

I'd be grateful for an update as to if I am affected or not.

 

And, their reply :

 

Hello Alan,


Thank you for your email.

All order placed via telephone are entered into a back end system which was not compromised. Only the customer facing checkout on the website was affected.

If you have any further concerns, please do not hesitate to get in touch.

Customer Services Team

ASAP Supplies Limited

 

 

Link to comment
Share on other sites

3 hours ago, Robbo said:

Just had a update email

 

 

It looks like if you had your payment details saved previously then you would have been okay, it's just if you inputted any of the details between those dates.

 

I ordered back in July. I'm alright Jack! 

Edited by blackrose
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.