Cake Central › Cake Forums › Cake Talk › Cake Decorating › Anyone having trouble with checkout security at GlobalSugarArt?
New Posts  All Forums:Forum Nav:

Anyone having trouble with checkout security at GlobalSugarArt? - Page 7  

post #91 of 104

Hello Everyone. I have been ripped off so many times it's absurd. I've been followed home and cornered in my driveway, I've had my house burgled four times, cars broken into. It's eerie when you know someone's been there when you weren't, worse of course when you are there--oh my. Lots of damge many times over. It would be really nice and tremendously cathartic to find some accountability a face to pummel and punish for all the destruction and lost trust etc.

 

However Alan and GSA in this case are also victims. GSA has never been nothing (sic) but a tremendous source of fabulous products, information and goodness. They are not the nasty bad guys. Sure sure no I get it--many of you have been ripped off and it's awful and you feel vulnerable and slightly terrorized but Alan has his whole livlihood on the line here. In this economy it's too much to hold him, a fellow innocent, an honorable businessman accountable for the badness/cruelty of the thieves.

 

Don't let the theives take any more hostages. Sure, we'd all love some justice. Alan is also being ripped off--he is actually being ripped off more.

 

Don't let the bad guys take hostages. Especially someone's business.

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

post #92 of 104
Quote:
Originally Posted by AlanT View Post

In an effort to understand how we can best work with our customers going forward and help repair any damage we have caused, please feel free to email me at alan@globalsugarart.com or my associate Daniel Pfeffer at daniel@globalsugarart.com and one of us will schedule a time to speak with any customer personally, at their convenience, that was effected by this recent unfortunate situation.
I assume you also plan on notifying all customers who have placed credit card orders while you were compromised to inform them they are at risk? Or is the burden on impacted customers to find this thread and contact you on their own?
post #93 of 104

If only it was that easy, Jason.

 

 

http://www.ncsl.org/issues-research/telecom/security-breach-notification-laws.aspx

 

Security-Breach Costs Climb 7% to $7.2 Million per Incident

By Kelly Riddell - Mar 8, 2011

 

...About 85 percent of all U.S. companies have experienced one or more data breaches, Ponemon said, and the figure may be larger because many don’t have the ability to detect when information has been exposed....

Costs of data breaches are increasing as more states pass laws requiring companies to disclose whenever customers’personal information is exposed, Ponemon said. So far, 46 U.S. states have passed such measures, with varying definitions of a breach, deadlines for notifying customers and punishments for failing to comply.

Patchwork of Laws

“The patchwork state laws drive up significantly the cost of incident response for national corporations because the reporting requirements and data sets are different for each state,” said Eric Friedberg, a co-president at Stroz Friedberg LLC, which does forensic analysis of data breaches. “When you have to report to several state attorneys generals on the forensics side, it becomes way more complex than if there were one standard.”

The U.S. government has yet to adopt guidelines for companies to follow in the event data is exposed....

 

Most Not Publicized...

Most corporate data breaches are not publicized to avoid alarming customers. Ponemon based its study, titled “2010 U.S. Cost of a Data Breach,” on interviews with executives from 51 U.S. companies that publicly acknowledged a breach of sensitive customer data last year and were willing to talk about it.... 

 

http://www.bloomberg.com/news/print/2011-03-08/security-breach-costs-climb-7-to-7-2-million-per-incident.html

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

post #94 of 104

I have also been a victim of CC Fraud. I notified my CC company and filled out the form for fraud investigation...at that time however I was not sure about it being because of Global Sugar Art. I mail the form and in a hour I discovered this thread. I contacted my CC company later to notify them.

I also tried to delete my account on the Global Sugar Art website and couldnt do so. When I contacted them, I was told the account can never be deleted. I dont think I want my information to be still present there but apparently I cannot delete it.

post #95 of 104

Alan you havent yet answered anyones question or comments as to why you havent notified any customers or why you continue to allow people to purchase online when your website isnt secure?

 

I think I can speak for a few other cake central members when I ask you to please answer...

post #96 of 104
Quote:
Originally Posted by -K8memphis View Post

Hello Everyone. I have been ripped off so many times it's absurd. I've been followed home and cornered in my driveway, I've had my house burgled four times, cars broken into. It's eerie when you know someone's been there when you weren't, worse of course when you are there--oh my. Lots of damge many times over. It would be really nice and tremendously cathartic to find some accountability a face to pummel and punish for all the destruction and lost trust etc.

 

However Alan and GSA in this case are also victims. GSA has never been nothing (sic) but a tremendous source of fabulous products, information and goodness. They are not the nasty bad guys. Sure sure no I get it--many of you have been ripped off and it's awful and you feel vulnerable and slightly terrorized but Alan has his whole livlihood on the line here. In this economy it's too much to hold him, a fellow innocent, an honorable businessman accountable for the badness/cruelty of the thieves.

 

Don't let the theives take any more hostages. Sure, we'd all love some justice. Alan is also being ripped off--he is actually being ripped off more.

 

Don't let the bad guys take hostages. Especially someone's business.

 

I could not disagree more. At first, yes - their site got hacked and that sucks. But after months of knowing this was happening they continued to accept credit card payments and put their customers at risk. They should have switched to the PayPal only system way back then and informed their customers of the security breach. Continuing to leave the FAQ up on their site that Jason posted earlier about their credit card security is blatantly lying to their customers. Continuing to accept credit card payments when they know their information security had been compromised is wrong plain and simple.

 

I'm sorry, but whatever excuses are being offered now are way too little, way too late. They deserve to lose our business.

post #97 of 104
Quote:
Originally Posted by -K8memphis View Post

If only it was that easy, Jason.
It is not technically difficult to compile a list of customers who have ordered between specific dates, and GSA has already demonstrated that they are willing to admit to being compromised here, so I'm not sure why they aren't taking that extra step of notifying customers.

I hadn't even thought of the mandatory reporting laws for security breaches, since GSA is based in NY they may be required by law to tell their customers:
http://public.leginfo.state.ny.us/LAWSSEAF.cgi?QUERYTYPE=LAWS+&QUERYDATA=$$GBS899-AA$$@TXGBS0899-AA+&LIST=SEA3+&BROWSER=BROWSER+&TOKEN=41381912+&TARGET=VIEW
post #98 of 104

tracyaem....I agree!!! GSA is a wonderful website with great products, great prices and great shipping...no one is denying that fact!! I 100% agree that the way this was handled was WRONG! They are allowing people to still purchase and with that allowing their personal information to be hacked! This couldve been taken care of by putting a simple statement on their website during checkout with a background of whats going on, and give people a secure option on how to buy. Then they wouldnt have lost so many customers! I do believe had they done that, more people would be forgiving and stick with GSA!

 

I have actually taken all of the information I have, down to my local police station. Im not sure what can be done, but Im sure the way they handled this is wrong.

post #99 of 104
FYI, I just went through the checkout process at GSA as a test and you are now sent to the Paypal site to enter your billing information, so your credit card number is no longer stored anywhere on the GSA servers if you place an order now.

Your account email address and password are still stored on the GSA servers though, so if you used the same password on GSA anywhere else you will want to change that password ASAP.
post #100 of 104

I was notified by my credit card company on Friday of a charge for $1399 to Dell. Two other "testing" charges, $1 from Dell and $9 from Zappos. I reported them as fraud to my credit card company. Now I have "Dell" calling my house multiple times (caller ID) and left 2 messages during the day while I am at work, when I call the number back, I am put on hold.  This happened two months ago on the same credit card account, first a "tester" charge for $15, then a $1304.99 charge to Costco.  This is my main credit card account because I love the rewards it provides so I was not able to figure out where the breach in security came from.  It seems a little more than coincidental and to think this may go back to September.

This morning I received a GSA email about what is on sale and saw a note about server and security issues.  I had placed orders with GSA before both of these fraud incidents. I agree its not right for them to not notify customers who have already placed orders of the security issues so they can keep an eye on their accounts. Had I known GSA was having security issues (I recently placed orders on 11/16 & 11/26), I still would have placed my orders, just would have used a temporary card. That would have saved me from the position I am in now - the second time around.

post #101 of 104
Quote:
Originally Posted by megg5 View Post

tracyaem....I agree!!! GSA is a wonderful website with great products, great prices and great shipping...no one is denying that fact!! I 100% agree that the way this was handled was WRONG! They are allowing people to still purchase and with that allowing their personal information to be hacked! This couldve been taken care of by putting a simple statement on their website during checkout with a background of whats going on, and give people a secure option on how to buy. Then they wouldnt have lost so many customers! I do believe had they done that, more people would be forgiving and stick with GSA!

 

I have actually taken all of the information I have, down to my local police station. Im not sure what can be done, but Im sure the way they handled this is wrong.

 

Thak you megg5, that has been my point all along. I loved GSA and spent lots of money there over the last few months and would have continued to do so had this situation been handled properly. It's not the hacking I'm complaining about, it's the fact that it happened twice to me (and many others) and I had to find out why through a message board.

 

In the meantime, I received a PM from Alan that was extremely sarcastic and very rude implying people in this thread are not even customers and are "out for blood". It really is a shame because there are so few stores with a decent selection and reasonable prices. I hope they learn from their mistakes and start having a bit more respect for any customers that remain.

post #102 of 104
Quote:
Originally Posted by tracyaem View Post

Quote:
Originally Posted by megg5 View Post

tracyaem....I agree!!! GSA is a wonderful website with great products, great prices and great shipping...no one is denying that fact!! I 100% agree that the way this was handled was WRONG! They are allowing people to still purchase and with that allowing their personal information to be hacked! This couldve been taken care of by putting a simple statement on their website during checkout with a background of whats going on, and give people a secure option on how to buy. Then they wouldnt have lost so many customers! I do believe had they done that, more people would be forgiving and stick with GSA!

 

I have actually taken all of the information I have, down to my local police station. Im not sure what can be done, but Im sure the way they handled this is wrong.

 

Thak you megg5, that has been my point all along. I loved GSA and spent lots of money there over the last few months and would have continued to do so had this situation been handled properly. It's not the hacking I'm complaining about, it's the fact that it happened twice to me (and many others) and I had to find out why through a message board.

 

In the meantime, I received a PM from Alan that was extremely sarcastic and very rude implying people in this thread are not even customers and are "out for blood". It really is a shame because there are so few stores with a decent selection and reasonable prices. I hope they learn from their mistakes and start having a bit more respect for any customers that remain.


If Alan did send you a PM such as this I am offended - NO I am not a customer, and I have NOT had my card compromised - BUT that doesn't mean that I can't enter into a discussion about it - AND warn all my cake friends about it.   This isn't a case of 'out for blood'  - what could I possibly hope to gain from this

However, I DO feel that this whole issue has been handled in the WORST possible way by Alan and his Company - he really does need to start looking a little bit closer to home when trying to lay blame

A sense of humour is a wonderful thing  - without laughter, the world is a SUPER boring place

PS..... only smart people can read truly WITTY comments and chuckle instead of getting all miffed

Hero of all time - GODOT

 

 

www.facebook.com/applegum

Th...

Misc 3D Cakes
(1 photos)
  

A sense of humour is a wonderful thing  - without laughter, the world is a SUPER boring place

PS..... only smart people can read truly WITTY comments and chuckle instead of getting all miffed

Hero of all time - GODOT

 

 

www.facebook.com/applegum

Th...

Misc 3D Cakes
(1 photos)
  
post #103 of 104

Please, cake-buddies, take a deep breath---the ill will here needs to be directed at the THIEVES.

GSA does NOT deserve to be maligned. They are now being robbed of thier GOOD NAME (and by CC? Really?)

 

He fixed it over and over.

Your credit card companies resolved those issues for you. Yes it's a nasty thing to have to go through but don't compound it for the unfortunate merchant.

Where will Alan go to restore his reputation you all are carelessly tossing about.

 

Besides, how would GSA know who got dinged?

They fixed it three times.

Notification laws are screwy and different in each of the 46 states that have laws.

 

You are putting his face on the punching bag and having at it when it was someone else that did this evil thing.

I don't care if you don't believe it--that's what the man we've known for over 10 years said.

He's been nothing but an honorable and generous businessman deserving of a break and our heartfelt sympathy not to mention some serious apologies.

 

 

Merry Christmas

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

my cookies are prettier than your cookies because this is the second time i substituted my opalescent sanding sugar when i ran out of sugar to make the batch ha!

 

post #104 of 104

I have personally spoken with Alan from Global Sugar Art and they are handling this situation.  If you were an affected customer, you will receive a notification from a GSA representative, but not through cakecentral.com

 

As for any of the other advice in this thread, unless it came directly from a GSA representative, or cakecentral admin, I recommend that information be disregarded, as it did not come from an official source and can only be classified as here-say.

 

I have every confidence in the Global Sugar Art team, that they are working around the clock to protect customer's sensitive data. They are currently still open and taking orders, however they are only accepting paypal until the security team has updated any possible breaches with other payment methods.

 

I remain steadfast in my support of Global Sugar Art, they have always been, and will continue to be an excellent company to do business with, as they serve cake community with respect and a high standard of customer service.

 

I will post any official updates for you as they come in.

birthday.gif Jackie

birthday.gif Jackie

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Cake Decorating
This thread is locked  
Cake Central › Cake Forums › Cake Talk › Cake Decorating › Anyone having trouble with checkout security at GlobalSugarArt?