FOC creditcard fraud?

[.30/06 FTW]

SECURITY UPDATE

In October of 2022, we were informed by VISA that there was a security issue on our website resulting in the fraudulent use of credit cards that affected up to 200 clients spanning a four-month period prior. We recognize the severity of this breach and respect your critical right to privacy and confidence in using our platform. Immediate and urgent actions taken have been successful in rectifying this.

A thorough PCI investigation was outsourced to a security firm who conducted a full audit on our website, the scope of which scrutinized our website’s firewall, coding, and remote access and activity logs. The findings revealed a vulnerability in our payment module that had been exploited to allow malware to record credit card information during Checkout.

We want to assure you that, as of 07 Nov, the vulnerability has been patched, and our online security has been upgraded. We have hired a dedicated company that will provide their firewall services to us ongoing, which includes 24/7 monitoring and alerting of potential malicious web activity, and to continually ensure that we are PCI-compliant.

We have been assured that the focus of the malware attack had been on credit card information specifically, and that no other critical personal data points had been targeted.

During this ordeal, many of you have reached out to us and provided personal experiences and information that have aided greatly in achieving resolution. Your collective willingness to offer support despite the exigent circumstances is humbling. To all those affected by fraudulent uses of your credit card, and all who faced the prospect of its exposure, we are abjectly and sincerely sorry.

Your privacy, security, and trust are of utmost importance to us, and its breach is regretful and something we take very seriously. We have taken the lessons learned from this experience and applied them to continue growing and serving you in the future.

Alfredo Pellegrino
President

Would’ve been nice if you’d been more open and upfront about this before getting called out on it.

 

[Leadwizard]

Thanks for the cheap mags FOC, better check my statements.

 

[medvedqc]

Thieves are getting so sophisticated. I support and encourage the buttrising and monitoring of your firewall, I would also suggest you allow a 3rd party payment strategy such as P@yP@l or the like. With the way government legislation is going, our anonymity and security is becoming paramount.

pay pal and guns lol ...

 

[mr.friendly]

Have your CC company issue new cards. Takes about a week for the new numbers.

 

[Arcosdad]

I may have missed it above but what 4 month period does this breach span?

 

[DerWeißeWolf]

And to think this could have been avoided with appropriate routine integrity checks. A few hundred dollars for a spot check could have prevented this. Cheapskates. Show more respect over your clients private details.

 

[cocksure]

Dang, I got hit with this. Someone racked up about 750 bucks in fraudulent charges on gas before visa locked up the card. While it's not optimal that it happened, at least I know where the leak was. Now I'll just send FOC an invoice for 8 hours on hold with visa. Jk, #### happens.

 

[Redblack]

Wow, they should have suspended credit card sales when the breach was identified. Might have saved a few people from getting compromised.

 

[K1LLswitch]

It only took me 90 min with Mastercard. $1500

 

[ryanv]

Foc isnt the only one. My card was used tonight at home depot for $750

 

[medvedqc]

I may have missed it above but what 4 month period does this breach span?

and only 200 that is not that much ...

 

[Bulldog]

Great, they knew and never bothered to notify potential victims.
Anyone can have a problem, but when you do, it’s how you deal with it that matters.

It’ll be my first and last purchase from FOC.

 

[machohugeaxe]

Did anyone get compromised on amex? Or just all visa and mastercard. Purchased from this store on amex, kinda scary because it had no stated limits being a charge card

 

[tonykimatpl]

I just checked back and the same for me. Purchase made from Firearms Outlet Canada on Apr. 29. Attempted charge of 160.95 from APPLE.COM/BILL on May 15. Card subsequently cancelled.

 

[pertain]

I made two purchase from FOC in July and August, and had a hit on my credit card soon after, about $150, apple store stuff.

I did buy online with the card from other gun shops shortly before it happened. Cannot pin down FOC but very suspicious.

 

[Paul L]

Wow this explains it all I bought x95 parts in early May, and then both my cards were hit over and over, $2300 at new balance canada, H+M was well over a 1000 then a bunch of all small things.. I noticed it while camping may long walking to the outhouse I got a notification from the banking app About the first new balance buy and while on the phone 3 more were made they locked both my cards was a pain in the ass for sure...

Sucks FOC knew about this and didn't let us know

 

[Ruinerofallfun]

Thanks FOC for the heads up about it being fixed... Just wished it didn't take a horde of people complaining to get it admitted.

You guys have an awesome online shop so I hope you keep rockin-on... just next time do better.

This stuff happens and we're protected by credit card policy/insurances, but standard policy would be to apologize, notify all potential people impacted, or throw a little blurb up on the site saying: woops something happened and we fixed it! Before people bring the pitchforks.

 

[thevest]

Also got mine compromised this week. And back in August. Both shortly after FOC purchases. Love FOC, but guess I’ll stick to swinging by and paying in cash for now.

 

[redflagmat]

I actually finessed 50k reward points from my credit card company for letting “this happen,” and to sweeten the deal for me staying with them lol

 

[Asuper59]

Not to bash G4C, I've always had a good experience, this is just constructive criticism, my CC was compromised twice and both purchases was from them.