Rpgnow creditcard information stolen

[Roudi]

Actually, this explains a lot.

A few months ago, I had my credit card cancelled and placed on fraud alert after several unexplained charges from a web-based company in Sao Paulo, Brazil, showed up in my statements. I kept wondering where my card info might have come from. I never would have suspected RPGNow.

 

[Keith Robinson]

Mr. Wieck, why do you stored these data?

I've cancelled my credit card.

This is all rather a mess

However, IIRC, you have to actively choose to have your credit card data stored on the RPGNow server by ticking a box - something I chose never to do. As to why they do it - I guess it's just customer convenience.

For the most part, there really is no reason for 99% of companies to store credit card data and I much prefer it when I don't have to. This has just made me think about cancelling my cards and strating with new ones - I'm pretty sure there are online companies who have my details that I can't even remember anymore

 

[Keith Robinson]

I'm very leery of googling my credit card numbers, so I don't think I'll try that unless someone here can give me a very compelling reason why it's not an exceptionally bad idea.

Google will almost certainly log all entries, so it's probably not a good idea...

 

[DMH]

However, IIRC, you have to actively choose to have your credit card data stored on the RPGNow server by ticking a box - something I chose never to do.

Nor I. I just whip out the card and retype my numbers everytime I buy something. Since they emailed everyone who was or might be affected by storing their numbers there, those people should know by now to cancel their card.

 

[carpedavid]

Actually, this explains a lot.

A few months ago, I had my credit card cancelled and placed on fraud alert after several unexplained charges from a web-based company in Sao Paulo, Brazil, showed up in my statements. I kept wondering where my card info might have come from. I never would have suspected RPGNow.

Yep - same situation with me. I googled for the file and found my information - and sure enough, it's the card that was used fraudulently.

 

[solomoncane]

To summarize some of the info on rpg.net:

Only those people who actually selcted the "store credit card" item on the checkout system on rpgnow/shop are potentially affected. If you type your cc info every time you purchase, you are not affected.

Individuals affected will receive private emails.

 

[eyebeams]

EDIT -- redundant post.

 

[hexgrid]

I'm glad I only ever paid via PayPal.

Olaf the Stout

Me too.

My wife runs an online store from our house, and it's always surprising to me the number of people she encounters who don't want to pay by paypal because it "isn't safe." They've got no problem handing their actual credit card number to a piddly online store that know nothing about , though!

 

[Lockridge]

This explains why my credit card has had several fraud transactions from all over the world over the past couple of months.
I've since cancelled it. I'll be paying by Paypal from now on.
Didn't get a warning email though. Perhaps it was filtered by my spam protection although everything else from rpgnow gets through.

 

[Piratecat]

Note that I think you can easily google a portion of your credit card number - 5 or 6 numbers - without particularly putting yourself at risk.