View Single Post
  #20  
Old 08-06-2009, 12:20 PM
DiscoBayJoe's Avatar
DiscoBayJoe DiscoBayJoe is offline
Senior Member
 
Join Date: Jul 2008
Location: Discovery Bay, CA
Posts: 1,320
iTrader: 5 / 100%
Default

Wow, sheer laziness was the only thing that prevented me from joining the CRPA a few weeks ago (I printed out the petitions but didn't have my credit card handy when filling out the online app and didn't want to go downstairs for my wallet!).

This happened to me a couple of years ago with an online purchase. It turns out the database the retailer was using had been compromised and someone was reading the full information from every purchase (Name/email/address/card/3-digit code/everything). Luckily they only got $75. There was a $50 'deductible' and I had to send my claim in notarized ($10) so at that point I figured my time was worth more than the $15 I’d get back net.

Good Catch on the email. with the scenario you listed above, specifically with the .cpra@ there is absolutely no doubt this transaction was where your compromise occurred. It could have come from your machine with a keylogger or from the website. Based on the feedback from multiple occurrences, it would be statistically accurate to conclude the website is the compromised asset.

You are going to have to cancel that card. It's a little bit of a PITA if you have any recurring items on it (you'll have to update each of those vendors), but its well worth getting that number inactive.
Good Luck!

Last edited by DiscoBayJoe; 08-06-2009 at 12:25 PM.. Reason: typo
Reply With Quote