Simms Fishing Website Data Breach

[Glenn]

Simms Fishing Products notifies customers of payment card compromise

 

Public service announcement: If you bought anything from Simms Fishing online store since Sept 1st, your credit card information was hacked.

 

More details: http://www.databreaches.net/simms-fishing-products-notifies-customers-of-payment-card-compromise/

 

[Sam]

Don' you wish it was legal to get a computer nerd to go to the hacked site and go back and find the culprits and put a virus on their computers to destroy their hard drives.

 

Then have the US government send out a hit squad to take care of these scum bags once and for all.

 

Uncle Sam does do some tracking but that's all I understand our wonderful government does for us.  Never heard of any action taken against the perverts.

[deaknh03]

If you do anything online..anything..its never going to be 100% secure.

[hoosierbass07]

 Maybe the hackers were ticked (like I was) to find the Tackle Warehouse sales did not include Simms clothing.  I was thinking of buying a pair of their sun blocking fishing gloves if they were on sale but nope!   The disclaimer at the top of the page said Simms along with some other companies were not included in the Thanksgiving weekend sale.  So I did not order.  

[hatrix]

Don' you wish it was legal to get a computer nerd to go to the hacked site and go back and find the culprits and put a virus on their computers to destroy their hard drives.

Then have the US government send out a hit squad to take care of these scum bags once and for all.

Uncle Sam does do some tracking but that's all I understand our wonderful government does for us. Never heard of any action taken against the perverts.

That would be a gray hat you are looking for. Also it is highly doubtful the perpetrators would ever be caught. It is also a very good idea to just transfer funds to a account to purchase online.

On a side note what should be illegal is company's that release drive by malware and then have a program for you to buy that will remove it. It is not even like they hide a about it. They release the virus/malware and make a program that will supposedly remove it and also give tons of false positives about stuff that is not really on your computer.

[Lund Explorer]

This kind of problem will never be solved until the company's that allow their computer systems to be hacked are held responsible for the losses suffered by their customers.

[J Francho]

This kind of problem will never be solved until the company's that allow their computer systems to be hacked are held responsible for the losses suffered by their customers.

 

My personal opinion is that this should fall on the banks' shoulders.  It's their product they offer to stores and consumers, and push it as the safe and convenient way to pay.  Then prove it.  Stores buy into the banks' processing system, and pay fees.  It's the banks and thier processing that needs to be held accountable.

[Senko lover]

Ouch.....that'll boost their sales bigtime.

[hatrix]

This kind of problem will never be solved until the company's that allow their computer systems to be hacked are held responsible for the losses suffered by their customers.

No one allows there systems to be hacked. Nothing is hack free and any network can be hacked. Even the DOD is hacked and it happens every single day. All countries are hacked and in the scope of things some petty company's network is a joke in the grand scheme of things. There is no way to stop it because you can't block doors ou don't know exist. All protection is catch up and the protocols that are put in place are based on previous ways networks have been breached.

It is similar to how a virus works. You can't add the virus to the protection list till someone get infected first. It is very hard to stop what doesn't yet exist. It is much more complicated then that but I tried to explain in a way that is easily understandable.

In the end it is impossible to stop breaches of networks and if someone really wants the info and they are skilled you will not stop them.

[J Francho]

 

In the end it is impossible to stop breaches of networks and if someone really wants the info and they are skilled you will not stop them.

 

No it is not possible to stop breaches, however it is possible to implement safeguards that enable monitoring and determining the source of the breach.  Then there must be international laws in place to punish the crime.  Currently, there is very little of the latter in existence.

[hatrix]

Even tracking hackers "a skilled one" is almost impossible. If they don't want to be found they won't be. It sucks to say but it's true. Even if you did locate the source if it is from a place like Russia or China or even Korea you can chalk that one up. That's is where most of the hacking originates from. China alone has so many hackers working for the government it's insane. They back the whole world. Russia is more groups that work together and do things like what what happened to Simms. Lots of carding rings and identity theft. Although they are not above selling classified materials.

[J Francho]

 

Even tracking hackers "a skilled one" is almost impossible.

 

Yes, I realize this - I work "in the business."  It really depends on how you set things up.  I'll leave it at that. 

[Lund Explorer]

My personal opinion is that this should fall on the banks' shoulders.  It's their product they offer to stores and consumers, and push it as the safe and convenient way to pay.  Then prove it.  Stores buy into the banks' processing system, and pay fees.  It's the banks and thier processing that needs to be held accountable.

 

It wasn't a bank a c/card processor that lost the employee data at the post office recently.  It wasn't their fault either when a Defense Dept. employee walked out of his office with a laptop  only to have the car it was in got stolen.  And it isn't banks a c/card companies that store all of the store's customer base.

 

Where they are responsible though, they should be held to the same standards.

[Lund Explorer]

No one allows there systems to be hacked. Nothing is hack free and any network can be hacked. Even the DOD is hacked and it happens every single day. All countries are hacked and in the scope of things some petty company's network is a joke in the grand scheme of things. There is no way to stop it because you can't block doors ou don't know exist. All protection is catch up and the protocols that are put in place are based on previous ways networks have been breached.

It is similar to how a virus works. You can't add the virus to the protection list till someone get infected first. It is very hard to stop what doesn't yet exist. It is much more complicated then that but I tried to explain in a way that is easily understandable.

In the end it is impossible to stop breaches of networks and if someone really wants the info and they are skilled you will not stop them.

 

I can repeat myself if it would help, but perhaps you'd like to re-read my post. 

 

This type of thing has been going on for years, and the companies, banks, and c/card processors are all well aware of it.  And yet in every instance, they are held harmless aside from perhaps offering discount pricing for the real victim to sign up for credit screening.  They pay for it short term and then you get to pay after that. 

 

Hence, there is absolutely no reason for the people that profit from an arcane system to change it. 

 

Maybe I should repeat what I said.  This kind of problem will never be solved until the company's that allow their computer systems to be hacked are held responsible for the losses suffered by their customers.

[J Francho]

You telling "credit card companies" aren't banks? I'm speaking directly about using a card to pay for your purchase. That card is offered by a bank, with certain assurances about privacy and security. No, you can't can't control when a employee jots your info down, and steals from you. I'm not talking about that. I'm talking about the systems in place for processing and exchanging credit card purchases. These systems are integrated into point of sale systems, which are supported by banks offering the cards. It's their responsibility to ensure the data integrity standards. Places that use an integrated POS system, like bigger chains, should comply to those standards as well. I'm not sure where the breaches occur, but for a bank to allow retailer to bandy about this data insecurely is pretty foolish. They're the ones that have to pay for the fraud. Maybe, that lost money is less than what it would cost to protect it's customers. Things that make you go "Hmmmmmm."

[J Francho]

I can repeat myself if it would help, but perhaps you'd like to re-read my post. 

 

This type of thing has been going on for years, and the companies, banks, and c/card processors are all well aware of it.  And yet in every instance, they are held harmless aside from perhaps offering discount pricing for the real victim to sign up for credit screening.  They pay for it short term and then you get to pay after that. 

 

Hence, there is absolutely no reason for the people that profit from an arcane system to change it. 

 

Maybe I should repeat what I said.  This kind of problem will never be solved until the company's that allow their computer systems to be hacked are held responsible for the losses suffered by their customers.

Actually, I think we're probably saying almost the same thing, though I'm being more specific. Thanks for the clarification.

[Lund Explorer]

Actually, I think we're probably saying almost the same thing, though I'm being more specific. Thanks for the clarification.

 

Agree with what you've said.  I just don't agree with others saying that all computers get hacked and there isn't anything that can be done.

 

How's that old saying go?  "Doctor, it hurts when I do this!"

[J Francho]

 

I just don't agree with others saying that all computers get hacked and there isn't anything that can be done.

 

I don't agree with that part either.

[hatrix]

There really is not anything you can do stop a group of skilled hackers. The best thing you can do is to hire these "criminals" to work for you and fix the flaws they find.

There are cases of people who break in but only to inform the company of the issue so they can fix it. Then sometimes they prosecute the person who exposed the flaws in there system. It's kind of a blurry line in my eyes. They are not malicious hackers and really are only trying to help but not everyone takes the info kindly.

It is bad to business to let the public know how often a company is breached so you will never know how common it really is. It is the downfall of the digital age. TOR was a excellent idea but giving it to the public backfired on the government.

[J Francho]

 

TOR was a excellent idea but giving it to the public backfired on the government.

 

Ask Snowden how TOR worked out for him, lol.

 

Anyway, I see TOR as something completely different.  I'm not so sure it's the problem, so much it's part of the solution.....  Layers of encryption (the same methodology of TOR) are what banking and POS systems lack.

[hatrix]

Ask Snowden how TOR worked out for him, lol.

 

Anyway, I see TOR as something completely different.  I'm not so sure it's the problem, so much it's part of the solution.....  Layers of encryption (the same methodology of TOR) are what banking and POS systems lack.

 

I agree it is part of the solution. I also understand why the NAVY released it publicly since It is kind of hard to be anon when your the only one. The problem it created was now people can do all sorts of illegal activities that were never possible on the clear net.

[ACORO]

Simms Fishing Products notifies customers of payment card compromise

 

Public service announcement: If you bought anything from Simms Fishing online store since Sept 1st, your credit card information was hacked.

 

More details: http://www.databreaches.net/simms-fishing-products-notifies-customers-of-payment-card-compromise/

 

Is it ok to order as of now???

[xxmurrxx]

Is it ok to order as of now???

 

Best to ask the company directly, You could probably also call to have your payment processed.

[0119]

Between big box retailers data being hacked and skimmers on gas station pumps, its estimated that over 65% of americans identity info is already in the hands of russian, chinese and indian organized crime. They in turn sell the data in mass to highest bidder's.  This figure is from the D.O.J.'s FBI/Interpol task force and is probably low balled.

[RSM789]

Lund Explorer is correct. Companies do not need to keep your data following a purchase, they do so for marketing purposes and to drive repeat sales. If they are choosing to keep a treasure trove of information, they are responsible for it.

For example, lets say you use my bass boat & then lock it up inside your garage, guarded by Dobermans. Someone gets past your security & steals my boat nonetheless. You were not responsible for the theft, but you are responsible for the loss of my boat. It was in your care when stolen. You can not legally or morally just throw up your hands & say "sorry, sucks to be you".

In my business, I take credit cards, but as soon as the transaction is complete, the credit card number & other sensitive information is nowhere in my system. They can't steal what I don't have.