Midway Hacked?

wally · Apr 20, 2016

Just got an Email from Midway apologising for problems with their website, saying they were still taking telephone orders.

Usually this means one of two things -- a large system upgrade went poorly, or more likely, they discovered they have been hacked.

If you've credit card numbers on file there I'd pay close attention to your statements for the next few months

MIL-DOT · Apr 20, 2016

Wonderful. Juuuust wonderful. :what:

:banghead: :uhoh:

(but thanks for the heads-up).

Jimster · Apr 20, 2016

Ouch. Just received some stuff from them (super fast) and they do have one of my cards on file. That's just great. Hopefully no hacking is going on. I do hate a thief.

SSN Vet · Apr 20, 2016

We've been hit with Ransomeware 4 times since January where I work.

And we have a very robust network, redundant server and good IT support. We're getting good at removing it, but it still costs us a full day of productivity.

People have to stop clicking on attachments in e-mails.

Now their saying that Flash Player has a security hole in it that makes the system vulnerable to attack as well.

The cyber wars are well underway.

kanook · Apr 20, 2016

I just ordered on Monday and it wanted to update my card, glad I didn't.

pjeski · Apr 20, 2016

I didn't get an email from them, and the website seems to be working fine.

What makes you think them being hacked is the most likely reason for the email they sent you?

yugorpk · Apr 20, 2016

Works fine for me.

wally · Apr 20, 2016

Flash has been so bad for so long that if a site requires it to work I go elsewhere -- I run NoScript and Flashblock on Firefox.

I haven't been to their site in a while, but if they send out a Email suggesting I call in an order instead, I'm pretty sure nothing good is going on.

What makes you think them being hacked is the most likely reason for the email they sent you?

because most large/busy sites are usually smart enough to slowly roll in upgrades to their server farms and/or use virtualized servers that can be restored quickly if bugs make things go badly.

I just followed a link from an Email advert they sent me a day before the phone order Email notice, and it seemed to work, but there are lots of scripts being blocked by my Browser.

Not sure what this really means, be careful out there!

DeepSouth · Apr 20, 2016

What makes you think them being hacked is the most likely reason for the email they sent you?

A lot of speculation, with a hint of paranoia. There's no telling what happened, ignore it, move on with life, and check your statements like you (hopefully) normally do.

Mainsail · Apr 20, 2016

wally said:
I haven't been to their site in a while, but if they send out a Email suggesting I call in an order instead, I'm pretty sure nothing good is going on.

Maybe the website is fine, their phone system is hacked, the email was spoofed, and when you call "them" to place an order you're really giving your CC number to the hackers.

gfpd707 · Apr 20, 2016

wally said:
Just got an Email from Midway apologising for problems with their website, saying they were still taking telephone orders.

Usually this means one of two things -- a large system upgrade went poorly, or more likely, they discovered they have been hacked.

If you've credit card numbers on file there I'd pay close attention to your statements for the next few months

So you have no information other than they emailed and said they have website problems. Seems like a lot of speculation in this thread.

wally · Apr 20, 2016

Maybe the website is fine, their phone system is hacked,

Any examples of this actually happening? Hacking the 1-800 number in the printed catalog would seem to be a heck of a trick. If it can be done why not go straight to the source and hack the 1-800 numbers printed on the back of credit cards?

I know telemarketer scammers manage to make bogus numbers (or invalid ones in an attempt to get around call blocking blacklists) show up in the caller ID.

In any event, I have two credit cards that I *only* use on-line and for the ~10 years I've had these accounts Its rare to go an entire year without a "fraud alert" that ends up with me denying bogus charges and them sending me a new card. Its the merchant that takes ti hit if they actually ship based on the bogus credit card charge.

Onward Allusion · Apr 20, 2016

Just got an Email from Midway apologising for problems with their website, saying they were still taking telephone orders.

Usually this means one of two things -- a large system upgrade went poorly, or more likely, they discovered they have been hacked.

They're back up.

System upgrade, unlikely during the middle of the week. Usually it's Saturday night / Sunday morning. Hacked, also unlikely. Hacks are silent until discovered.

People have to stop clicking on attachments in e-mails.

Cisco IronPort or some other mail appliance can strip links or neuter 'em with innocuous characters. Another way is to embed the Virustotal API into the Hub Transport server so the link is scanned.

wally · Apr 20, 2016

Just got "Midway website is 100% functional and has experienced no downtime" Email. Good news on a situation where I'm happy to have been wrong.

danez71 · Apr 20, 2016

Any examples of this actually happening? Hacking the 1-800 number in the printed catalog would seem to be a heck of a trick. If it can be done why not go straight to the source and hack the 1-800 numbers printed on the back of credit cards?

It's happened but I don't want to go find the article. All the phone systems are Web base now.

System upgrade, unlikely during the middle of the week. Usually it's Saturday night / Sunday morning.

My guess would be for them, the middle of the week would be their slowest Internet traffic with people being at work and all.

matrem · Apr 20, 2016

You had my attention.
I have an order that was placed Saturday at Midway & should arrive tomorrow. They've had a credit card number of mine on file for years, and not a problem yet.

On the other hand, several years ago someone I've never met was dumb enough to pay their electric bill with my debit Visa number, and Visa had the money back in my checking account in a couple days. Took about a month before an attorney for Visa called asking if I know a so & so. "Because we like to make sure before we prosecute".

Not too worried about using a credit card on-line, but sure glad to read your post 14.

Midway Hacked?

wally

Member

MIL-DOT

member

Jimster

Member

SSN Vet

Member

kanook

Member

pjeski

Member

yugorpk

member

wally

Member

DeepSouth

Random Guy

Mainsail

Member

gfpd707

Member

wally

Member

Onward Allusion

Member

wally

Member

danez71

Member

matrem

Member

Similar threads