[UPDATE] Official statement from Fun Pub about Credit Card issues, Official Statement from Hasbro added 03-05-2012 Options

[RCX]

I still haven't received the email that they've been compromised.
But I have received an email saying that you can download a PDF and send renewal $$$ by check.

[ShinRa Inc]

This just in!

Hello. This is going out to all members past and present on file.

In case you didn't get the email on Friday, please see our posting at TransformersClub.com concerning the security issue we have had. We have continued to work on this issue over the weekend. We still don't know the scope of the possible intrusion or if there was an intrusion. However, to be on the safe side, we are recommending that everyone who has used a card with us either for a store purchase or for an event registration in the last year have that card replaced at their earliest convieinence to avoid any potential unauthorized use. We again apologize for this problem and for your time this has wasted.

Thanks for your patience and support while we solve this issue.

Brian Savage
CEO Fun Publications, Inc.

Would've been nice to get this e-mail a couple weeks ago...

Edit: I have gotten 4 copies of this notice in the last 5 minutes. 3 from TCC, one rom GIJoe.

This post has been edited by ShinRa Inc: Feb 26 2012, 08:22 PM

[awa64]

As far as I can tell, FP still has not informed former club members that their information is compromised.

Just got one 30 seconds ago.

[Cheetimus Primal]

They're listening.

Hello. This is going out to all members past and present on file.

In case you didn't get the email on Friday, please see our posting at TransformersClub.com concerning the security issue we have had. We have continued to work on this issue over the weekend. We still don't know the scope of the possible intrusion or if there was an intrusion. However, to be on the safe side, we are recommending that everyone who has used a card with us either for a store purchase or for an event registration in the last year have that card replaced at their earliest convieinence to avoid any potential unauthorized use. We again apologize for this problem and for your time this has wasted.

Thanks for your patience and support while we solve this issue.

Brian Savage
CEO Fun Publications, Inc.

[gargunkle]

I've been extremely lucky with not getting my CC information compromised before. Do the CC companies tend to charge a fee for replacing a card?

[Undead Scottsman]

Typically not, but it can take like ten days for you to get a new card, which can be inconvenient. Last year when the Sony hack happened I replaced my card as a precaution and because I had to wait, I was unable to get a 3-day pass to the Penny Arcade Expo so I had to settle for 3 1-day passes at an additional $40. Kinda sucked..

Anywho, the Sony hack looks like it's been a blessing as this is the now the third event that compromised my old card (the Sony hack and the old Steam database hack being the other two).

[Trixter]

I still haven't received the email that they've been compromised.
But I have received an email saying that you can download a PDF and send renewal $$$ by check.

I've now received three within the last two and a half hours saying "We still don't know the scope of the possible intrusion or if there was an intrusion." (Emphasis mine.) Which contradicts their prior statement saying there was a problem. It's like it's so hard for them to admit that something went wrong that even after admitting it they still can't quite admit it.

So much hate. So much.

[Robogeek1973]

I just canceled my card just to be sure, I've had to go through CC fraud once and really don't want to do so again.

[Walky]

Typically not, but it can take like ten days for you to get a new card, which can be inconvenient. Last year when the Sony hack happened I replaced my card as a precaution and because I had to wait, I was unable to get a 3-day pass to the Penny Arcade Expo so I had to settle for 3 1-day passes at an additional $40. Kinda sucked..

Anywho, the Sony hack looks like it's been a blessing as this is the now the third event that compromised my old card (the Sony hack and the old Steam database hack being the other two).

I got a new card just as a precaution, and my bank offered to send me a new card in 2 days for $5 or a new card in 10 days for nothing. I chose nothing, and I got my new card in two days anyway. Huh.

Not that this would be guaranteed to happen to anybody else, but, well. I'm a chatterbox and I like talking about myself.

[G.B.Blackrock]

I still haven't received the email that they've been compromised.
But I have received an email saying that you can download a PDF and send renewal $$$ by check.

I've now received three within the last two and a half hours saying "We still don't know the scope of the possible intrusion or if there was an intrusion." (Emphasis mine.) Which contradicts their prior statement saying there was a problem. It's like it's so hard for them to admit that something went wrong that even after admitting it they still can't quite admit it.

So much hate. So much.

That's all they can do. They acknowledge exactly what the rest of us acknowledge. Something went wrong, and the club does seem to be the unifying factor. But there's still nothing on their end, despite a LOT of investigation to date, to say exactly what happened. They can't plug a hole they haven't found yet. They can only tell you that there seems to be one. Which this statement does do.

[Trixter]

I still haven't received the email that they've been compromised.
But I have received an email saying that you can download a PDF and send renewal $$$ by check.

I've now received three within the last two and a half hours saying "We still don't know the scope of the possible intrusion or if there was an intrusion." (Emphasis mine.) Which contradicts their prior statement saying there was a problem. It's like it's so hard for them to admit that something went wrong that even after admitting it they still can't quite admit it.

So much hate. So much.

That's all they can do. They acknowledge exactly what the rest of us acknowledge. Something went wrong, and the club does seem to be the unifying factor. But there's still nothing on their end, despite a LOT of investigation to date, to say exactly what happened. They can't plug a hole they haven't found yet. They can only tell you that there seems to be one. Which this statement does do.

The statement on their site says "After many days of analysis, Fun Publications has determined that there is a security issue with our e-commerce systems." Then they send out an email saying there may or may not actually be a problem, after they have already said there is a problem.

Fun Pub has a long and storied history of refusing to acknowledge when there are problems. Sometimes they fix them without actually admitting to them. More often they pretend there's nothing wrong. This is just another example of that pattern of behavior.

[Nanite]

Email received here too. Progress.

Now they need to offer every one of us credit monitoring or identity-theft protection services for at least a year, provided by a reputable third party.

[Professor]

The statement on their site says "After many days of analysis, Fun Publications has determined that there is a security issue with our e-commerce systems." Then they send out an email saying there may or may not actually be a problem, after they have already said there is a problem.

Eh, I take that more of a sign that they're disorganized and not communicating well internally about what message to put out there. If they were trying to hide the problem, they wouldn't admit to it elsewhere.

Not that disorganization is a good thing, mind you. In the context of something like this, it's actually vaguely alarming. It's just that it's better than lying. There clearly HAS been a security intrusion of SOME sort though, and saying that there might not have been one simply because they haven't found it yet seems either optimistic or naïve.

But as Walky notes above, replacement credit cards tend to arrive pretty fast -- I think it's because they want you out there spending again as soon as possible. I got a new card just last week because I thought I'd lost my wallet (I hadn't), and it came in two days, even though they said 5-8 business days. That's been my experience any time I've ever requested a replacement card. It's a pretty casual thing for the bank, and they'd much rather that you get a new card when you're worried (which costs them maybe a dollar or two) than risk thousands in fraudulent purchases.

[Rosicrucian]

Now they need to offer every one of us credit monitoring or identity-theft protection services for at least a year, provided by a reputable third party.

That's not really necessary if you have the card replaced. Fun Pub doesn't really have enough information from us to make that required. It's the sort of thing a larger company might offer, but Fun Pub doesn't have Sony's kind of money.

[G.B.Blackrock]

I still haven't received the email that they've been compromised.
But I have received an email saying that you can download a PDF and send renewal $$$ by check.

I've now received three within the last two and a half hours saying "We still don't know the scope of the possible intrusion or if there was an intrusion." (Emphasis mine.) Which contradicts their prior statement saying there was a problem. It's like it's so hard for them to admit that something went wrong that even after admitting it they still can't quite admit it.

So much hate. So much.

That's all they can do. They acknowledge exactly what the rest of us acknowledge. Something went wrong, and the club does seem to be the unifying factor. But there's still nothing on their end, despite a LOT of investigation to date, to say exactly what happened. They can't plug a hole they haven't found yet. They can only tell you that there seems to be one. Which this statement does do.

The statement on their site says "After many days of analysis, Fun Publications has determined that there is a security issue with our e-commerce systems." Then they send out an email saying there may or may not actually be a problem, after they have already said there is a problem.

No. They say there may or may not actually be an intrusion. Big difference.

They know there's a problem. They don't know the precise nature of that problem yet.

This post has been edited by G.B.Blackrock: Feb 27 2012, 12:56 AM

[Pete@BotCon]

Correct. We know there is a security issue. Many people have asked if we got hacked. We have been told by numerous sources that there is no trace of a hack in to our system.

But yes. There was a security issue. No one though has been able to determine what that is. We are doing an awful lot both time wise and financially to find out, if we can, what that is.

This post has been edited by Pete@BotCon: Feb 27 2012, 04:21 AM

[Chris McFeely]

Although I haven't been hit (as I thought it was just affecting the US side of things until a local friend of mine got hit for £3000), I decided to cancel my card pre-emptively, and as the reports continue to mount up of new people being hit every day, it really sounds like if you HAVEN'T cancelled your card, you really, REALLY should.

This post has been edited by Chris McFeely: Feb 27 2012, 11:39 AM

[Nanite]

Now they need to offer every one of us credit monitoring or identity-theft protection services for at least a year, provided by a reputable third party.

That's not really necessary if you have the card replaced. Fun Pub doesn't really have enough information from us to make that required. It's the sort of thing a larger company might offer, but Fun Pub doesn't have Sony's kind of money.

Ever give Funpub your DOB? Honest question, I think I did at one time, but can't recall. That would be enough that I would want credit monitoring. It's not an SS#, but it's enough for someone to attempt identity theft.

[Cheetimus Primal]

Correct. We know there is a security issue. Many people have asked if we got hacked. We have been told by numerous sources that there is no trace of a hack in to our system.

But yes. There was a security issue. No one though has been able to determine what that is. We are doing an awful lot both time wise and financially to find out, if we can, what that is.

Thanks, Pete.

This is what everyone needs to hear. FP is aware of the issues, knows there IS an issue on their end and is trying to find wat the issue is to protect their customers in the future.

As someone that had their money screwed up and couldn't even pay my rent on time I gotta say that I think everyone needs to breath a bit. Relax and know that people are trying to solve the issue. Money is being put into this on the Club's end right now.

For that I'm pretty damn thankful.

[Kalidor]

Cheets, I don't think any one has questioned that FP wasn't aware of the issue. The problem is that while they were aware of it, the dozens of customers who were not aware of it wer having thier money stolen and their information conpromised without being told there was a problem.