Bailey's has had a data/security breach. Update!

Rugged made
Treestuff
Advertise with us
Shop deals on ebay
Arborist Forum

Help Support Arborist Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
I made a purchase at Baileys yesterday using PayPal and was notified last night of 4 unauthorized attempts at trying to add $00.00 to my debit account from my bank. So now the hassel of changing account numbers. Not Baileys fault but it does not leave me with a good feeling about my purchase.
 
Mine was a charge to a company called Ocado LTD which looks to be a supermarket in Europe.
I found out today when my fuel delivery company called and said the card was declined on a purchase of diesel.

Luckily I keep some cash on hand because Wells Fargo locked out my account and pretty well said "tough ****". I couldn't even make deposits.
Apparently they really value their customers.

Was embarrassing as well, "declined" usually means "broke as hell".
 
Just saw this thread. They got me to. Ordered a 36" logging tong from them in December and I got an email from my CC company shortly after. They tried on Walmart.com to buy a bunch of stuff.
 
This is a public relations nightmare for Bailey's that will be a big test to the quality of new age management there. I feel for them as cyber attacks/theft really sux but being hush hush about it will do them more harm than good. They should be out on the front step over this issue and disclose what they know. Reading the above posts from members is not good, just today Bailey's posted a number of advertisements of sales/products. They should be posting about the breach and disclosing advice they have been given. They are handling the situation badly IMO and it will cost them.
 
This is bad and will only get worse, they should step up and take care or at least be percieved to be taking care of their customers. They should be on to this, they have a small window of opportunity to improve or diminish their reputation.
 
I think the new managment will learn a hard lesson over this, look at the 'related threads' at the bottom of the page. You can see exactly where their priority's lie. Too much competition out there these days to be sloppy and put your head in the sand. The old feller Bailey would not approve one bit IMO. Oh well...
 
sawfun said:
I made a purchase at Baileys yesterday using PayPal and was notified last night of 4 unauthorized attempts at trying to add $00.00 to my debit account from my bank. So now the hassel of changing account numbers. Not Baileys fault but it does not leave me with a good feeling about my purchase.
Click to expand...

The last purchase I made at Baileys was a year and a half ago, well outside of the window they are reporting. I suspect that they stored all the information on their system and someone hacked the system, or some employee accessed the information. With all the people eyeballing them now I would think that they used information that you have given them in the past. This is definitely more than they are admitting to.
 
Two fraudulent $180 charges in Ocala,Fl within a minute of each other happened to me about a month ago. Bank called me on a Sunday morning and asked if I happen to be in Fl, I said I wish... :surprised3:! I usually use PayPal online so had a hard time figuring it out until I just found this thread, mystery solved. Like someone else posted, I would like to have been notified by Baileys as soon as the breach was discovered, not trolling around here and finding out by mistake!o_O
 
Haven't made a purchase from Bailey's in well over a year and a half and the above statement was on my account page also. Very small red lettering at the top, almost missed seeing it. No attempted charges made on my debit card, so far. I suspect the thieves looked at my balance and got a good laugh out of it. The will probably send me money.
 
I can see why they do not want to notify their customers and set off alarm bells but guys are having their accounts attacked and many may not know yet that they have been affected, may not ever know. But they should stand up (its hard and takes courage) and do their dammed best to help their customers protect themselves. Not doing a thing as people get their accounts emptied shows what a swine the dill steering the ship really is. I'm not suggesting they pay monies to anyone who has been done over, just that they inform customers of what has happened to empower them to button down the hatches. This is what ANY reputable organisation does these days, they send an email to all their customers notifying them of the breach and offer suggested security recommendations for customers to take. They would know what happened when and what customers are potentially at risk. Keeping this info hush hush speaks a volume about their principles of doing business. Nothing I am saying will match the damage they are inflicting on themselves.
 
Seems like most of the fraudulent charges are being made in Florida, as were mine. Shouldn't be too hard to catch that thief.
 
NOw...... I notices earlier someone posted that said the spent their days catchin the scum that does this nasty stuff.

Can they suggest any measures we should take to protest ourselves if we have not yet been attacked.

Should we be changing out credit card and account numbers?
Is Paypal enough to protect us?

What should people do?
 
They sell the accounts to a black market so in the end there are many thrives .
Mine were in New York
And all over Europe.
Phone order or not they still type the number into the same data base so every card was at risk.

But what I don't get is discover sent me 2 cards in the mail and the day they arrived they called again and told me that they been hacked before I got them.

Hoping this don't last much longer


Sent from my MS 441-C using Tapatalk
 
Sagetown said:
Seems like most of the fraudulent charges are being made in Florida, as were mine. Shouldn't be too hard to catch that thief.
Click to expand...

This was actually posted in reply to a diff thread. Hard to keep up. But I re-posted it on this thread. The question on the other thread was "I bought over a year ago, so was my card taken back then" something close to that anyway........reply

No, that is why when you log-in at a later date you have to re-enter your CC number. Your account/log-in/password, address, history and other data comes up when you log in, but your CC does not. Because it is not "stored for use at a later date." Anything historical is dropped after 30 days and during the 30 days it is encrypted with a 256 bit encryption. Even at that, the temporary storage was not accessible from the Web Server, different part of the network for security reasons. We only even hold it that long because not all orders ship immediately and it saves us from having to get the card again because we really don't process the card to cash until the Item ships. And it facilitates refunds etc etc.

We see Credit cards go "fraud" daily. Unfortunately, it is a common event. That means that we use a service named Kount to protect us from taking stolen cards. When a card goes "fraud" that means that we took it, and at the time we took it the card had a "score" indicating it was good. But has subsequently been "re-scored" because downstream in the flow it turned up bad. From someone else also using Kount. They literally watch them for multiple addresses, countries, any change subsequent to the cards history. As well as they get that information from the Banking world. Amazing, but they basically watch CC's move around and track changes.

And we've had people tell us that our date range is incorrect but unless Bailey's was the ONLY place the card has ever been used there is no way to know where the card # was taken from. We don't even know that the cards we are notifying were taken, we just know that it was possible during those dates and someone was actively in the server because they left "tracks." The event was not a "grab historical data" it was a "I can see you type" event.

There is a lot of discussion on whether our dates were accurate. Personally, I'm not that smart. But Bailey's is currently paying of lot of people way smarter than me to go thru this. The Forensic company we hired says there is not much chance we will ever know who or where....did it. The attempts have come from Africa, all over Asia, the U.S., Vietnam and on and on. But none of that really means the person(s) were actually sitting in any of those places. Could have all been sitting in "Denver" or across the street.

But the dates are not "Bailey's dates," they were the dates given to us by people way smarter than me.
And making way more money than me :)

Bob
Bailey's C.O.O.
 
Brewz said:
NOw...... I notices earlier someone posted that said the spent their days catchin the scum that does this nasty stuff.

Can they suggest any measures we should take to protest ourselves if we have not yet been attacked.

Should we be changing out credit card and account numbers?
Is Paypal enough to protect us?

What should people do?
Click to expand...
We've had absolutely no PayPal come up as of this moment. PayPal is kind of different from a regular CC.
 

Similar threads

H
Tutorial: make your own raker depth gauge supported by software tool
25 26 27
Replies
539
Views
55K
hannes69
H
Ryan'smilling
My new wood splitter: Wolfe Ridge Mfg.
2 3
Replies
54
Views
11K
Ryan'smilling
Ryan'smilling
Frank Savage
Saw for fun and learn-Husky 372 "junksaw" salvage
Replies
7
Views
2K
Frank Savage
Frank Savage
XPLRN
My 'Brick' story.........McColloch PM610 addition to the CAD collection
Replies
4
Views
649
XPLRN
XPLRN
z71mike
My Stihl Dealer is Absolutely Horrible. I'm Done.
2 3 4
Replies
65
Views
5K
olyman
O

Latest posts

Back
Top