Geeks.com Hacked

January 08, 2008 | by Christopher Nickson

They sell tech gear, they're certified hacker-safe, but they've been forced to admit that their e-commerce site was hacked last month.

It had to be a supremely embarrassing moment for Geeks.com, the site that sells tech gear online. Certified hacker safe by McAfee’s Scan Alert, the company last week admitted that it has been hacked, according to a story on Information Week.
 
In a letter posted on the Consumerist, Jerry L. Harken, head of security for the firm’s parent company, Genica, said,
 
"Genica dba Geeks.com ('Genica') recently discovered on December 5, 2007 that customer information, including Visa credit card information, may have been compromised. In particular, it is possible that an unauthorized person may be in possession of your name, address, telephone number, e-mail address, credit card number, expiration date, and card verification number. We are still investigating the details of this incident, but it appears that an unauthorized individual may have accessed this information by hacking our e-commerce Web site."
 
The company has reported the issue, and has set up help lines for customers who might have been affected. McAfee asserts that its hacker safe certification doesn’t always equate to 100% safe.

Post Your Comment...Comments

Scott Beckstead on Jan 8th, 2008 at 5:29 PM:

What's the point of certifying anything if it doesn't mean certified? McAfee has a lot to answer for and we should not let them off the hook either. Since we assume as consumers that hacker safe means hacker safe and it says cerified that's what we expect.

ScanAlert on Jan 9th, 2008 at 8:17 AM:

ScanAlert's Reply:
The allegation that Geeks.com was hacked while it was certified HACKER SAFE is false and misleading, and does not match the facts provided by Geeks.com to its customers. So far, no one knows exactly what happened, or whether this breach occurred on the web site or somewhere else. There is no evidence that this web site was hacked while it was certified HACKER SAFE. In fact, all of the information that ScanAlert has gathered so far indicates that this breach did not happen while Geeks.com was certified HACKER SAFE.

ScanAlert on Jan 9th, 2008 at 8:17 AM:

ScanAlert's Reply:
The allegation that Geeks.com was hacked while it was certified HACKER SAFE is false and misleading, and does not match the facts provided by Geeks.com to its customers. So far, no one knows exactly what happened, or whether this breach occurred on the web site or somewhere else. There is no evidence that this web site was hacked while it was certified HACKER SAFE. In fact, all of the information that ScanAlert has gathered so far indicates that this breach did not happen while Geeks.com was certified HACKER SAFE.

Matt on Jan 11th, 2008 at 7:39 AM:

What bothers me is that their staff didn't email everyone warning them that this happened. I have been a loyal customer for years now and I didn't receive one either.

Having your site hacked unfortunately is sometimes part of doing business online, but to not inform ALL your customers that it happened is in my opinion criminally negligent. Shame on you Geeks.com!

Not Notified by Geeks.com on Jan 15th, 2008 at 3:13 PM:

I've also been a loyal customer for years as well as a GEEKS' affiliate, sending new customers to their website. I did not receive any word from Geeks regarding the hack or the risk to my financial information. I DID receive more than 10 marketing emails from Geeks over the past month since the website hack so I'm pretty certain they have my email address.

Today I learned from my bank that one of my credit cards was recently compromised "in connection with a website that is now undergoing a fraud investigation". This particular credit card is less than 12 months old, is -rarely- used for online purchases but happened to have been used for a GEEKS purchase in November. Not a word to me from GEEKS, though. Maybe they were hoping I'd not notice the fraudulent charges that started appearing today? Lucky for me my bank spotted those charges and gave me a call.

As if failure to notify customers wasn't bad enough, it seems that GEEKS stored customers' CVV2 card verification numbers -- the special 3-digit numbers on the backs of VISA cards that merchants are ABSOLUTELY NOT supposed to keep as expressly stated by VISA in their merchant agreement.

If GEEKS.COM wants to retain some level of customer trust, GEEKS needs to inform ALL of their customers of the hack, the resulting risk and how GEEKS is going to fix things. And a "We're sorry" probably wouldn't hurt, either...

Comment on this article




Please keep your comments relevant to this article. Email addresses are not displayed, they are only required to verify you are human.

When you submit your comment, an email will be sent to your email address with a confirmation link. Once you have clicked on that confirmation link your comment will be posted.

HTML is not allowed.


Join our newsletter to keep up to date on the latest Digital Trends content like Videos, Reviews, News and more delivered directly to your email!


Plus, get early access to contests and specials from our partners. Join today!





Loading...