Howdy,
Hope this doesn't sound like sour grapes. To me it looks strange. They average a post in their forum of some sale, or promotion maybe once a week, or a couple times a month. So then you have the post in the forum about the breach. The next thing you see is a half dozen promotions in 15 minutes. It probably took them that long before they realized they reached the bottom of the literbox, and realized as soon as somebody posted in the breach thread, it came back to the top.
Regards
Gregg
Gregg -
I'm sure that the flurry of Bailey's posts in their forum the day after I created my "Bailey's Website Security Breach" thread is a mere coincidence. Or something like that....maybe....
My thread was created the afternoon of 1/27/16. Bailey's PDF about the data breach
almost invisibly posted on their website's homepage (
http://www.baileysonline.com/pdf/databreach_info.pdf ) was created on 1/26/16 using MS-Word 2013 software registered to John Conroy (Bailey's former Director of Marketing until 2/2014).
It was two days until Bailey's made a post in my Bailey's Website Security Breach thread in their forum. They did not say kaka about my post.
I understand that ANY company's website can be hacked. That's a given. What disappoints me, though, are several things:
1) To this day, Bailey's has not emailed me directly, warning me of the breach. Emails are fast and easy, and could have communicated the breach faster than (& in addition to) any mailed notification.
2) Bailey's, while recommending that customers change their login password, has not forced new passwords to be generated on the first login by affected customers. From an IT/computer geek-standpoint, this should be child's play. To neglect this step leaves their customers wide open.
3) Bailey's website, upon login by a customer, does not automatically check to see if that customer placed an order using MC/Visa/AmEx during the vulnerable period, then bounce that customer to a HIGHLY VISIBLE notification/warning screen. Once again, this should be child's play for a good web developer geek.
4) It speaks volumes to me as a customer that I had to read of the breach on another site (OPEHawgzClimberHearthporterznet&stuff). With Baileys being a site sponsor here on ArboristSite, I'd have hoped that they value the membership enough to be proactive and post of the breach IMMEDIATELY. Instead, they didn't say kaka on this site until being "called out" by multiple affected customers. This could be considered an insult to both AS and their "highly valued" customers.
Bailey's response to this incident has been lazy, slow, and ineffective. While apparently complying with legal requirements regarding loss of customer credit card info, they apparently didn't feel the need to go above & beyond.
Lazy.