1/5
posted Mar-13-2008
I was going to source a Panel PC from acnodes.com, so I grabbed our bookkeeper's card info - the one used for all our major purchases and recurring payments.
Made the order - no problem.
Now, what's the first thing you do when you order something online and receive a confirmation email with an order tracking link? You click the link to see that it looks normal.
I did - and it looked normal, except there was our cc number, exp date, cvn, billing address....
None of it obfuscated.
And I wasn't prompted for a password either.
With a sick feeling, I decremented the order number on the address line of my browser and saw someone else's order - with their payment information, including cc number, exp date, cvn, billing address....
So we canceled the card immediately, and then spent the rest of the day trying to get someone to give a damn.
Called Acnodes and their response was that they didn't write the code - it was outsourced.
To their surprise, I found their answer less than satisfying, and they couldn't understand why I wanted the site shut down immediately.
You'd think Visa would have some sort of security breach hotline?
Not one that you can find on their site.
Tried the bank - no one there had any kind of hotline number - but they referred me to the FBI's cyber crime division. Of course, simple incompetence isn't a crime, so they referred me to the FTC....
Mind you, all this time I'm browsing through orders in amazement at how long this has gone on.
Stomping my foot in frustration and swearing under (and over) my breath.
There were orders going back at least 4 months, all completely exposed .
I finally googled for an internal number for Visa fraud reporting.
I called them, then emailed them and the site's web host the details, and it was down about 15 minutes later.
It's a damned good thing that I'm a reasonably honest person. That particular site sells only big ticket items. The $1000+ purchase I was making was on the low end of what they sell, so most of the cards I was seeing were Platinum corporate cards - the kind that get paid by someone other than the person making the purchases - the kind that someone carding merchandise would swoon over.
I did email a few of the folks whose cards were exposed. Of the five I emailed, only one even bothered to email back a Thank You.
59,675 stores
1,815,433 reviews
Over 250,000 shoppers online now
Total Reviews
Helpful Reviews
Forum Posts
Homepage
Member Since
posted Mar-11-2008 
![Share](javascript:share_rating({"review_body":"I was going to source a Panel PC from acnodes.com, so I grabbed our bookkeeper\u0027s card info - the one used for all our major purchases and recurring payments.<br><br>Made the order - no problem.<br><br>Now, what\u0027s the first thing you do when you order something online and receive a confirmation email with an order tracking link? You click the link to see that it looks normal.<br><br>I did - and it looked normal, except there was our cc number, exp date, cvn, billing address....<br>None of it obfuscated.<br>And I wasn\u0027t prompted for a password either.<br>With a sick feeling, I decremented the order number on the address line of my browser and saw someone else\u0027s order - with their payment information, including cc number, exp date, cvn, billing address....<br><br>So we canceled the card immediately, and then spent the rest of the day trying to get someone to give a damn.<br><br>Called Acnodes and their response was that they didn\u0027t write the code - it was outsourced.<br>To their surprise, I found their answer less than satisfying, and they couldn\u0027t understand why I wanted the site shut down immediately.<br><br>You\u0027d think Visa would have some sort of security breach hotline?<br>Not one that you can find on their site.<br>Tried the bank - no one there had any kind of hotline number - but they referred me to the FBI\u0027s cyber crime division. Of course, simple incompetence isn\u0027t a crime, so they referred me to the FTC....<br><br>Mind you, all this time I\u0027m browsing through orders in amazement at how long this has gone on.<br>Stomping my foot in frustration and swearing under (and over) my breath.<br>There were orders going back at least 4 months, all completely exposed .<br><br>I finally googled for an internal number for Visa fraud reporting.<br>I called them, then emailed them and the site\u0027s web host the details, and it was down about 15 minutes later.<br><br>It\u0027s a damned good thing that I\u0027m a reasonably honest person. That particular site sells only big ticket items. The $1000+ purchase I was making was on the low end of what they sell, so most of the cards I was seeing were Platinum corporate cards - the kind that get paid by someone other than the person making the purchases - the kind that someone carding merchandise would swoon over.<br><br>I did email a few of the folks whose cards were exposed. Of the five I emailed, only one even bothered to email back a Thank You.<br><br>","link":"http:\/\/www.resellerratings.com\/store\/AC_Nodes\/review\/367771#comment367771","store_thumb":"http:\/\/www.resellerratings.com\/store\/thumbnail\/AC_Nodes.jpg","store_name":"Acnodes","username":"zombiwulf","rating":"1"}, "single");){kind=link}
![Share](javascript:share_rating({"review_body":"Wow.<br>That\u0027s all I can say.<br>This is another vendor I\u0027ve used, and either I am absurdly lucky, or the reviews are just plain wrong.<br><br>Granted, I didn\u0027t order on Valentine\u0027s Day at the last minute - I ordered after a bad morning fighting with my wife or something trivial.<br><br>I ordered the JEWEL OF MY HEART(TM) \t(#17360)<br>and Add On: One \u0022I Love You\u0022 Mylar Balloon (#2050LV)<br><br>They were stunning.<br><br>I grew up working in my parents\u0027 flower shop, so I know good fresh flowers from stale crappy ones.<br><br>I also know that national floral referral services are only as good as the independently owned shop that actually fulfills the order.<br><br>I remembered from my own experience in the shop that FTD had poor arrangements that only looked good from one angle. Back then, Teleflora was the way to go.<br><br>Why did I go with 1-800-flowers?<br><br>Because one woman I work with always gets email from them, she has excellent taste, and I was in a hurry.<br><br>These not only looked good upon delivery, they stayed looking good over a week. (She kept them even longer, though after a week I would have tossed them.)<br><br>She received the delivery about 90 minutes after I placed the order.<br><br>The vase, while I\u0027m sure was inexpensive, did not look like it. Unlike the awful milk glass or green glass, this one is a beautiful purple\/lavender shade and would look fine in any surroundings.<br><br>My wife works in a tax office, and every day she told me about all the compliments she received.<br><br>","link":"http:\/\/www.resellerratings.com\/store\/1_800_Flowers\/review\/367433#comment367433","store_thumb":"http:\/\/www.resellerratings.com\/store\/thumbnail\/1_800_Flowers.jpg","store_name":"1-800-Flowers","username":"zombiwulf","rating":"5"}, "single");){kind=link}
![Share](javascript:share_rating({"review_body":"Ordered 2 EOC-3610S\u0027s, 2 directional antennas and the pigtails to go with them.<br><br>Order shipped the next day - would have liked to have had a clear option to pay extra for quicker shipping, but it still arrived within a week via inexpensive ups ground shipping.<br><br>Best thing I can say about this is that it was uneventful, from ordering (Jeff is great about answering technical implementation questions on his forums, for those of us loathe to talk to a live human - ok, so I have issues...)<br><br>The AP\u0027s are awesome. With a power output more than 20 times that of a typical Linksys or Dlink soho wireless router, these flat out rock.<br><br>","link":"http:\/\/www.resellerratings.com\/store\/Keenan_Systems_LLC\/review\/367429#comment367429","store_thumb":"http:\/\/www.resellerratings.com\/store\/thumbnail\/Keenan_Systems_LLC.jpg","store_name":"Keenan Systems LLC","username":"zombiwulf","rating":"5"}, "single");){kind=link}
![Share](javascript:share_rating({"review_body":"I find myself in an embarrassing position.<br><br>I ordered a battery recently from keybattery.com and only after placing the order happened upon this site.<br><br>I read one scathing review after another and was convinced that I had erred in doing due diligence before placing the order.<br><br>I placed my order on a Friday, and when I checked the status the following Monday, I noticed to my chagrin that while my card had been dinged immediately, the order was still in \u0027pending\u0027 status.<br><br>I immediately sent some not very nice emails to the site demanding that they immediately cancel my order and credit my card.<br><br>I didn\u0027t receive a response and was sure that I had been taken.<br><br>Then, the next day, the battery arrived....<br><br>The moral to this story is not to believe all the negativity on this site.<br><br>Sure, it serves a useful purpose as an avenue for venting, and it does expose some weaknesses on the part of some vendors, but it also can turn into a feeding frenzy.<br><br>My sincere apologies to anyone at keybattery.com for having to read my unfair and spiteful emails to them.<br><br>This also leaves me in a bit of a dilemma.<br><br>I need to order a laptop and one of the sites I had my eye on has equally appalling reviews. I don\u0027t know whether to go on my gut instincts, or believe the reviews.<br><br>I just spent a good 3 hours reading mostly negative reviews about them, but half the complaints are from people who clearly have no clue how to configure and operate a PC. I strongly suspect at least half the negative reviews are from people who are trying to shift the blame for their own incompetence.<br><br><br> ","link":"http:\/\/www.resellerratings.com\/store\/Key_Battery\/review\/367428#comment367428","store_thumb":"http:\/\/www.resellerratings.com\/store\/thumbnail\/Key_Battery.jpg","store_name":"Key Battery","username":"zombiwulf","rating":"5"}, "single");){kind=link}