Smartphone Experts Store Advisory (Incident Notification)

[Store Team]

On July 12th, Smartphone Experts discovered suspicious activity on a system used to process credit card payments for orders made through our online stores. This system powers accessory stores for several websites, including the iMore store.

We immediately implemented measures to prevent any further unauthorized access, and engaged a leading computer security firm to investigate and provide recommendations for additional security measures.

The security firm completed its investigation on August 5th 2013 and found evidence that although credit card information is encrypted when it is stored, the hacker may have had the technical ability to use a decryption feature of the system to view some customer’s credit card information.

Over the next few days we will be notifying all individuals via mail or email whose information may have been affected so they can take steps to protect their cards from any potential fraudulent charges. We have provided all relevant information about this incident to the credit card companies so they can take steps to protect their cardholders. We are also working with law enforcement.

We are committed to maintaining the security of any and all personal information in our system and are taking this matter seriously. We have implemented additional security measures in order to prevent an event like this from occurring in the future.

We will provide support via this forum thread, but for any individual concerns please don’t hesitate to email us at support@smartphoneexperts.com or call us at ( 888 ) 599-8998, option 2.

 

[jrsbill1]

Now I know where the hack to my debit credit card on June 22, 2013 came from.

Over $2,000 worth of tickets to the UAE were purchased. Spent a total of 2 hours on the phone with Bank of America over 2 days and filling out paperwork to have the charges reversed. Not to mention all the accounts that needed to be updated with a new credit card number.

I had my suspicions on 3 sites I never ordered from before this happened. After receiving the letter in the mail today, now I know exactly who was hacked for my information to be leaked.

 

[zerog46]

I got one today and also solved the issue my wife and I both had. We both had our cards hacked.

 

[Alli]

Please let us know if you don't hear from a store rep.

 

[li2327]

I received one of those letters today as well. It's good they discovered the issue!


Sent from my iPhone using Tapatalk 2

 

[Caballera]

Disappointed this wasn't mentioned on imore.com and disappointed it's kinda buried in the forums. Thankfully I got a letter today about this "incident", and see on the other forums (and twitter) that more then a few people have fraudulent activity on their credit cards. Surprised to see that some are from June and we are just hearing about this now. Very disappointed.

 

[Store Team]

Disappointed this wasn't mentioned on imore.com and disappointed it's kinda buried in the forums. Thankfully I got a letter today about this "incident", and see on the other forums (and twitter) that more then a few people have fraudulent activity on their credit cards. Surprised to see that some are from June and we are just hearing about this now. Very disappointed.

All affected customers have been notified individually via letters or emails, which we decided is the best method to reach the affected customers as the majority of customers are not regular readers or visitors. In addition, this thread was created on Tuesday to announce the incident in the forums.

Again, we are sorry for any inconvenience this incident might have caused.

 

[jrsbill1]

Calling what I had to go through with Bank of America to clear the $2,010.83 charge that brought my business debit card into a negative balance a inconvienavce is an understatement.

 

[Garz]

I was a victim of $630.00 in fraudulent charges on August 7th. I bought a Mophie Juice Pack Air for my i5 here in May. My information was compromised on July 12th or before the but this letter was not sent until August 7th. The same day of those fraudulent charges. I hope SPE didn't know about this right away and avoided notify us. Thankfully BofA texted and called me ASAP to tell me they froze my debit card on 08/07 from what they believed was fraudulent charges. They did reimburse me right away, cancelled my old card, and mailed a new one which I did receive today. I have bought several items from the SPE store going back over 5 years. Due to this problem and security issues, I won't buy here ever again.

 

[Store Team]

I was a victim of $630.00 in fraudulent charges on August 7th. I bought a Mophie Juice Pack Air for my i5 here in May. My information was compromised on July 12th or before the but this letter was not sent until August 7th. The same day of those fraudulent charges. I hope SPE didn't know about this right away and avoided notify us. Thankfully BofA texted and called me ASAP to tell me they froze my debit card on 08/07 from what they believed was fraudulent charges. They did reimburse me right away, cancelled my old card, and mailed a new one which I did receive today. I have bought several items from the SPE store going back over 5 years. Due to this problem and security issues, I won't buy here ever again.

Garz,

Thank you for letting us know about your experience with this unfortunate incident.

When we discovered the suspicious activity on July 12th, we immediately retained a leading forensic investigator to assist in determining what if any information had been compromised. The security firm completed its investigation on August 5th 2013 and within days we started notifying the at-risk customers via letters and email. We have been working hard to let our customers know what happened and we wanted to make sure we had accurate information prior to sending our notifications.

We have provided all relevant information about this incident to the credit card brands so they can take steps to protect their cardholders. We are also working with law enforcement to find the criminals behind the hack.

We can certainly understand your concerns regarding shopping with us ever again. We are committed to maintaining the security of any and all personal information in our system and are taking this matter seriously. We immediately implemented measures to prevent any further unauthorized access, and have contracted with additional external security companies to continuously audit our systems for possible vulnerabilities.

We also continue to offer the ability to checkout using Paypal, Amazon Payments, and Google Wallet. With those options your payment information is not shared with us.

 

[Garz]

Garz,

Thank you for letting us know about your experience with this unfortunate incident.

When we discovered the suspicious activity on July 12th, we immediately retained a leading forensic investigator to assist in determining what if any information had been compromised. The security firm completed its investigation on August 5th 2013 and within days we started notifying the at-risk customers via letters and email. We have been working hard to let our customers know what happened and we wanted to make sure we had accurate information prior to sending our notifications.

We have provided all relevant information about this incident to the credit card brands so they can take steps to protect their cardholders. We are also working with law enforcement to find the criminals behind the hack.

We can certainly understand your concerns regarding shopping with us ever again. We are committed to maintaining the security of any and all personal information in our system and are taking this matter seriously. We immediately implemented measures to prevent any further unauthorized access, and have contracted with additional external security companies to continuously audit our systems for possible vulnerabilities.

We also continue to offer the ability to checkout using Paypal, Amazon Payments, and Google Wallet. With those options your payment information is not shared with us.

Thanks for the reply and reading my concern. Also, thanks for notifying my bank. They were aware of what happened with you which helped them notice the fraudulent activity on my account in which helped stop this fast.