You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Came in for coffee this morning to find an email from Chain Reaction confirming I had just bought a £100 gift voucher that had been sent to a strange (unknown to me) Hotmail account as a gift with the message "Many thanks bro". The message even contained my password within the text and payment had been made from my debit card which (as far as I know) I hadn't ever saved with CR. I tried to phone them to cancel it but there is more hope of Brexit being sorted by next week than getting through to speak to a real person. So I sent an Email instead. Also got onto my bank and cancelled card and got it logged as fraudulent activity. Anyway, the transaction has now been cancelled with no loss to me and I have changed passwords and have a new card coming.
Anyone else had something similar from Chain Reaction? Even if you haven't it may be worth changing your passwords with them as it appears their website has been compromised.
Thanks for the heads up
I don't save my card details with retailers.
[strong]scotroutes[/strong] wrote:
I don’t save my card details with retailers.
Nor do I. Which makes it doubly worrying!
do you use the same username/password combo on other sites or is it unique to CR?Nor do I. Which makes it doubly worrying!
You can use haveibeenpwned.com to check your login against known compromised databases.
Did you use the same password elsewhere?
Beaten to it ^^^
Possible that their site has been breached, but more likely that its from an existing breach elsewhere.
Good warning there! (Or 'heads up' for our U.S./pretentious business speak brethrin)
Have had the same plain text password on CRC since the dawn of time, so will get n change it.
A thought - I use Paypal always... would that have protected me?
No one's allowed to mention Wiggle have history on this. So I won't.
CRC have history also before they were Wiggle