Warning! (Midwest Supplies hacked)

Announcements and Discussions about brew-club meetings

Warning! (Midwest Supplies hacked)

Postby JimPotts » Tue Sep 03, 2013 7:55 pm

Many of you know that I had a credit card # stolen (I thought it was when I was in Las Vegas).

I just received a letter from Midwest Supplies, notifying me that their website was hacked, and my # might have been stolen. Yep. So it appears that I was wrong in blaming someone at the Stratosphere.

In any case, if you've bought from Midwest, you should probably keep a close eye on your credit card bills.

-Jim
User avatar
JimPotts
Site Admin
 
Posts: 962
Joined: Mon Jan 30, 2006 4:59 pm
Location: Cedar Rapids

Postby prieff » Wed Sep 04, 2013 12:24 pm

This is really to bad. I looked on their website to see if they were addressing it at all and there is nothing there. Further poking around the internet it looks like the breach was for over a month... June 13th-July 19th. They are NOT offering anyone credit monitoring but instead giving out a $25 gift certificate for a future purchase. WTH???

Last November I ordered 20# of Ashburne malt from them, which I admit is a slow mover specialty malt, and it was chock full of bugs....and worms once milled it. I contacted them and they were surprised and offered me a refund. Couple of days later they said they checked the bin and there were no bugs in that malt and that I must have been mistaken.... again.. WTH??

Anyways, anyone that did biz with them really should keep an eye on things for a while and a monitoring service may be in order. One more reason to deal with Joe I guess. It is to bad... cut my teeth on Midwestsupplies... but I will not use them again.
prieff
 
Posts: 121
Joined: Wed Sep 23, 2009 8:03 am

Postby JimPotts » Wed Sep 04, 2013 2:15 pm

If you weren't aware, Midwest Supplies and Northern Brewer merged in March. The former head of Midwest is now the President at NB. All shipping is done from NB's warehouse. They maintain the Midwest storefront, and they pretend the website is a separate business.

So I guess I won't be doing business with either from now on. And, yes, it's ludicrous that it took them two months to notify me that my card was stolen. Fortunately for me, Citi's fraud detection worked, and they shut my card off before anything was purchased.

-Jim
User avatar
JimPotts
Site Admin
 
Posts: 962
Joined: Mon Jan 30, 2006 4:59 pm
Location: Cedar Rapids

Postby daynelockheart » Wed Sep 04, 2013 3:58 pm

my wife got me the kit of the month club from Midwest in February. I haven't had any problems with them other than forgetting hops in one kit but that was quickly remedied. good to know that their site got hacked. haven't herd anything from them yet...

J
daynelockheart
 
Posts: 18
Joined: Sat Mar 24, 2012 9:59 pm
Location: Cedar Rapids, IA

Postby kjball » Thu Sep 05, 2013 8:04 am

did not know that. Thanks Jim.
Bad people drink bad beer. You don't usually see an empty bottle of Rochefort tossed onto the side of the road
kjball
 
Posts: 804
Joined: Tue May 25, 2010 3:27 pm
Location: Solon, Iowa

Postby Matt F » Thu Sep 05, 2013 8:13 am

I haven't used them in a while thanks to Joe! I use to though. They have good prices on gain at 5 lbs. and 10 lbs. sizes.
Matt Franklin
Slappy Brewing North

On Tap:
Saison
Matt Damon in my Mouth
Tree House Julius Clone

Fermenting:
Belgian Dubbel/Sour
User avatar
Matt F
 
Posts: 3388
Joined: Mon Feb 13, 2006 9:09 pm
Location: Cedar Rapids, IA

Postby JimPotts » Fri Sep 06, 2013 10:26 am

I suppose I'll do one more order with them, to use my $25 credit. Then I'm going to send them a paper letter ordering them to completely delete my account.

As a security researcher, and a former web developer, I understand that websites can get hacked. But their response, from taking a month and a half to notify us, to offering as a paltry credit, is outrageous. Most companies pay for a year of credit monitoring when this happens.

Also, if they followed proper regulations, our numbers wouldn't have been stored, and the hack would have affected far fewer people. And they've refused to say how they've "fixed" the problem. They just state that they're satisfied that it won't happen again. Nice.

Also, it appears that when people were contacting Midwest to tell them their suspicions, Midwest completely blew them off.

I'm so glad I can order from Joe!

-Jim
User avatar
JimPotts
Site Admin
 
Posts: 962
Joined: Mon Jan 30, 2006 4:59 pm
Location: Cedar Rapids

Postby JimPotts » Fri Sep 06, 2013 10:29 am

I suppose I'll do one more order with them, to use my $25 credit. Then I'm going to send them a paper letter ordering them to completely delete my account.

As a security researcher, and a former web developer, I understand that websites can get hacked. But their response, from taking a month and a half to notify us, to offering as a paltry credit, is outrageous. Most companies pay for a year of credit monitoring when this happens.

Also, if they followed proper regulations, our numbers wouldn't have been stored, and the hack would have affected far fewer people. And they've refused to say how they've "fixed" the problem. They just state that they're satisfied that it won't happen again. Nice.

Also, it appears that when people were contacting Midwest to tell them their suspicions, Midwest completely blew them off.

I'm so glad I can order from Joe!

-Jim
User avatar
JimPotts
Site Admin
 
Posts: 962
Joined: Mon Jan 30, 2006 4:59 pm
Location: Cedar Rapids


Return to CR Beer Nuts Meetings

Who is online

Users browsing this forum: No registered users and 1 guest

cron