ScottHH: Thanks for taking the time to reply... I actually have a separate account set up with a VISA Check Card. I transfer cash to this account just before making an online purchase. Typically, it has no more than $10-15 at most in there except right when I make a purchase.
You are correct, though. I certainly would not use the Debit/Check Card for our main checking account in an online transaction.
I will continue using DDD. I've liked their service for years now, and after several earlier online sellers went bust or saw their service deteriorate, I still find DDD reliable, although this incident was regretable. Lets keep an eye out that this doesn't happen again.
Their site is back up and it is still as screwed up as ever. I have gotten a Hello Monique and a Hello Adam and I am neither of these people. I can't believe that they keep putting their site back up without fully resolving whatever the problem might be. This is inexcusable, IMHO.
Just logged on to mine and it greeted me properly. My CC info isn't in my account info page. I don't remember if they used to keep that on file (I only use DDD like twice a year), or if I had to input it every time. If they used to keep it on file, apparently they've cleared out mine, since it isn't on that page anymore...
David Barker the VP of Marketing at DDD said all credit card information was cleared and must be re-entered again. If a credit card was used at DDD it was kept in your account and no option was given to enter it manually with every purchase.
They should have sent that email, that Christoph_G posted, to all of their customers because I am sure there are some people that placed orders this weekend that didn't know anything about this problem.
They had another problem similar to this just before they had their last 20% coupon code sale. That problem was that they were testing the coupon codes and some people actually used the coupon codes that they were testing to get the 20% off. I think some people that used the codes got emails from DDD stating that it was only a test, but I think some people actually ended up getting the discount anyway.
A few months ago I was a victim of credit card fraud. It happened just a few days after I placed an order with DDD. I don't know if that is where the person got my credit card number but that was the first thing that I thought at the time.
Yeah, in the scope of time and space this was "short time" but in the computerized scope which he's talking about this is a HELL of a long time.
I hate to say it, because I love DDD, but I really think someone will get the idea to sue DDD for violation of privacy or something else.
I just hope my info never made it out. My question is this... did the problem only affect people who logged in (I know that's what it says) but, if joe1, jane1, bob1 and dave1 were logged in would that mean that any of the 4 could have access to the other three's accounts OR does it mean that these 4 could have access to ANYONE's accounts? Since it sounds like a caching issue I'd suspect the 4 had access to only the other user's data and not data of joe2, jane2, bob2 and dave2. If this is the case, I'd suggest NOT logging into you account to check anything until they really get this resolved.
I know that I, personally, have yet to have a bad experience with Deep Discount DVD. Their prices, for me at least, are far lower than any b&m store I could go to, and lower than most online stores as well, with the exception of a few, more obscure titles.
Their site is back up, as is a now well-known fact. And again, I have yet to encounter a problem with it. I can log in and out just as easily as ever. Over the course of the now near four day "problem," I have logged in and out more times than I probably ever have, doing various checks and tests for my own personal satisfaction. Each time, my visit was fine. No seeing other people's information. No changes to my account. No orders made. Nothing.
The people who are in charge of DDD are making an effort to right these problems. Surely we can appreciate that.
I will continue to use DDD for almost my entire purchasing of DVD's. Thank you, and please... Have a pleasant day.
We are writing to inform you of the problem experienced with our website this past weekend.
Maintenance was performed on the DeepDiscountDVD website beginning at 4:00 P.M. C.S.T. on Friday October 8th, 2004 and continuing through 10:00 A.M. C.S.T on Monday, October 11th, 2004. This maintenance was intended to cache certain web pages and images to allow faster access by our customers. Unfortunately, this maintenance inadvertently resulted in certain limited customer information becoming accessible by other customers upon login by those customers. The accessible information generally included customer name, address, shipping information and order history. Credit card and debit card data is obscured on the account information page and as such, NO CREDIT OR DEBIT CARD NUMBERS WERE EVER COMPROMISED. Insofar as your credit/debit card information was always protected, it is not necessary to notify your card provider or to cancel your card.
Unfortunately, we have discovered that in some cases customers that logged in during the maintenance period may have been able to actually place an order on another customer's account. Again, we reiterate that there was never any ability to access or copy credit or debit card data. In other cases, customers may have updated and corrected their account information and placed legitimate orders. Unfortunately, our system cannot distinguish between these two situations. To that end, we feel that we must cancel all DeepDiscountDVD orders received during the maintenance period, which extended from 4:00 P.M. C.S.T. on Friday October 8, 2004 through Monday, October 11 at 10:00 A.M. C.S.T. This includes your order referenced above.
If this order was legitimately placed by you it will need to be placed again. We truly apologize for the inconvenience. Please accept the coupon below for 10% off your replacement order for any inconvenience this may have caused you.
On behalf of the entire company we sincerely apologize for this problem. Your patronage is very important to us. Although problems of this nature sometimes arise in every company, you can be assured that we will establish procedures to minimize disruptions of this type and work hard to develop improved internal controls that will allow us to respond faster when we need to.
Once more, please accept our sincere apology.
Sincerely,
DeepDiscountDVD.com
Coupon code: xxxxxxxx This coupon is for 10% off of any order at DeepDiscountDVD.com. It is a single-use coupon valid until 10/26/04"
Lane, the thing is, it's an extra preventative measure. If somehow someone was able to exploit this, they wouldn't be able to place new orders against the old CC info. That was a good step, IMHO.