Hello edoedward -

Aaron from our Social Media team, will be reaching out to you regarding your concern. Thank you for your continued patience!

Ryan,

 

Please reach to my email address if possible. I have spoken to a person name Cherry (claimed herslef as a supervisor) from bestbuy.com support, and promised me to expedite the investigation, and I should expect a phone call from someone by the end of the day... so far, 6 hours've passed by and no one has reached me.

 

I will look forward to hear from Aaron

Ryan,

 

I'm still waiting a message from Aaron as you mentioned. Please let me know by when I shall expect his call. Also, no one from fraud department has reached me.

 

 

Average response on the forum is 3-5 business days. But out of curiosity, what would you want BB to do? Have you reported it to your credit card and has your best buy account been locked (or at the very least all cards removed)?

Liquid... Thanks for your info regarding the slow response.

 

This is what I have done:

- Changed my bestbuy.com password

- Cancelled the order myself

- Reported it to bestbuy.com customer service (sadly, I could not reach the fraud department)

- Contacted my credit card company

 

I did not remove the credit card used to place the order because I wanted it as a proof when I'm speaking with someone from bestbuy.com. However, I have blocked this virtual credit card number for further use. If you are a regular internet shopper, then you must know that some credit card companies provide you a functionality to generate virtual numbers that can be used only for one merchant. In this case this credit card virtual number exist only in bestbuy.com database and my credit card company database.

 

What do I want bestbuy.com to do? I want a quicker response/explanation of how this happened, because I'm almost 100% sure that the breach occurred to my bestbuy.com account, rather than someone stole my credit card info.

How did I come to this conclusion:

- As I said before, this virtual credit card number exist only in bestbuy.com database and my credit card company database.

- If the carder got my virtual credit card number from my credit card company, then this is a huge coincidence then carder knew that it could only be used in bestbuy.com. Otherwise, if the transaction comes from any merchants other than bestbuy.com, then the transaction would have been rejected by my credit card company in the first place

- The order is in my bestbuy.com account. If the breach was not on my bestbuy.com account, the carder would have made the purchase as a guest (Unless bestbuy.com system is smart enough to automatically putting a guest order under my bestbuy.com... Which I doubt. Even for this, the carder will need my address  to enter the billing address)

 

Based on other posts that had similar issues with me (also the first customer service I was speaking with on the phone), bestbuy.com insisted that someone stole the credit card info rather than this someone had an access to the bestbuy.com account. This is what I'm waiting from bestbuy.com to response to me. 

 

Now our of curiosity, let me ask you the same question. If you were me, with the situation I explained above, what would you want bestbuy.com to do? To take their time, and just get back to you in the time with their explanations?

 

I think what made me a little more upset and demanded a quicker response was the fact that whoever talking to me on the phone insisted that it must have been my credit card number stolen, while all the facts that I gathered pointing to the breach to my bestbuy.com account (as others also have experienced)

 

 

Greetings edoedward,

 

I realize this may not be the response you were hoping for, but you must follow up with your credit card’s issuing bank for assistance with this issue – neither our phone nor e-mail support teams have the ability to investigate individual charges.  I would also encourage you to notify your local authorities of the situation if you haven’t already done so.  Once you’ve taken these steps, rest assured that Best Buy will partner with both organizations to ensure the appropriate actions are taken.

 

Thank you for your patience and understanding.

Edoedward- I can appreciate your reasoning for being upset. However, there is really not much Best Buy can do to offer an "explanation". Details of your account activity, like IP address of computer used, date and time or log ins, etc may be information that they can't share without being subpoenaed which is why the first thing support would do is direct you to the authorities. It's similar to if your physical card was stolen and you asked security for a tape of the person who took the card making the transaction. None-the-less you are smart to use virtual card numbers since the damage could have been a lot worse. Hope it was only your BB account that Got hacked and nothing else...I'd check to make sure your other accounts are secure as well (in the event your computer has spyware).

My BB account was hacked this Morning.. 5/1/2012. A Sony PS3 Download worth $50 was purchased using my stored credit card information and was withdrawn from my bank account. The hacker augmented and rearranged the letters in my gmail  email name but used a yahoo emal address and then forwarded the downloadable content to that email. I am furious, and it looks like its a spreading epidemic.

 

I read this article about the EPSILON hacking that occurred last year.

 

http://latimesblogs.latimes.com/technology/2011/04/epsilon-cutsomer-files-email-addresses-breached-i...

 

They claim that only email addresses were stolen, but Its obviously more information was obtained by these hackers. I have not changed my best buy password in over a year since before that incident occured in 2011. Whatever data these hackers stole, if you havent changed your password in a long time I would do so ASAP. Also delete your stored CREDIT CARD info off your best buy.com account.

I would also like to mention that the hacker did not reset my password this morning on the best buy website. He logged directly onto best buy with my email address and password. And I know that I do not have spyware on my system. I have been running off an encrypted network for 3+ years. Consider the facts here! There are multiple reports of this happening by other best buy online customers. That means this is either an inside (best buy employee) hack, or this is directly due to the EPSILON hacking that happened last year in 2011. If more reports come in by other customers and they admit they havent changed their password in over a year, it could be guaranteed that the EPSILON hack is the culprit.

 

I have been to my bank today and filed this transaction as Fraud, and I also went down to the local police department. The police informed me that nothing could be done, they do not have the resources to investigate internet crimes.