Author |
Message |
< 16ga. General Discussion ~ Ballistic Products data breach |
|
Posted:
Fri Sep 09, 2022 6:51 am
|
|
|
Joined: 27 Sep 2015
Posts: 177
Location: Alabama
|
|
I received a letter in the mail that said that one of BP's vendors had a data breach that occurred between Sept 2020 and Feb 2022. They said some customers could have had personal info stolen. I was instructed to contact a company called IDX for a free(?) security monitoring for a year. I found it add that they didn't send emails to their customers it would have been cheaper, easier, and faster. They certainly have my email address. Did anyone else get one of these? I contacted them yesterday no, response yet. |
|
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 7:01 am
|
|
|
Joined: 21 Mar 2019
Posts: 523
Location: Texas
|
|
yep, I got one. File 13 it went. In my opinion in today's world if you don't already have safety measures in place you are behind the power curve. |
|
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 12:37 pm
|
|
|
Joined: 17 Oct 2019
Posts: 456
Location: New Jersey
|
|
I’ve bought from them and got nothing. |
|
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 2:30 pm
|
|
|
Joined: 01 Oct 2007
Posts: 962
Location: Minnesota
|
|
Swampy16 wrote: |
I’ve bought from them and got nothing.
|
Ditto
I live 20 miles from them and stop there 3-4 times per year. |
|
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 4:05 pm
|
|
|
Joined: 21 Sep 2013
Posts: 136
Location: Fort Worth, TX
|
|
Yep, I got one too. |
_________________ A government that is big enough to give you anything you want is big enough to take everything you have.
Thomas Jefferson |
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 5:31 pm
|
|
|
Joined: 27 Sep 2015
Posts: 177
Location: Alabama
|
|
my concern was is the letter legitimate. Due to the fact it wasn't emailed, and I've never heard of IDX, If I contacted them as instructed would they now have all my info that I was trying to keep someone from stealing. |
|
|
|
|
|
|
|
Posted:
Fri Sep 09, 2022 6:26 pm
|
|
|
Joined: 09 Mar 2016
Posts: 756
Location: Mn.
|
|
T-Bird wrote: |
my concern was is the letter legitimate. Due to the fact it wasn't emailed, and I've never heard of IDX, If I contacted them as instructed would they now have all my info that I was trying to keep someone from stealing.
|
IDX and the letter are legit. Caution is always a good idea for data security. The bastages out there are using social engineering to try and trick people. Email is often used for Phishing so a letter is a bit more secure method to contact people. Not there is anything to prevent someone from typing in a Phishing link on paper. The link is:
https://response.idx.us/ballistic-products/
Of course I could have put a hidden link in that to redirect to a site to gather information. But I did not I wear a white hat not a black hat.
I did not get a letter or enrollment code but already have LifeLock through work as a benefit.
Swampy16 wrote: |
I’ve bought from them and got nothing.
|
FAQ
I did not receive a letter stating that my information was compromised, but feel that I should have.
The review of the data was extensive, and all of the affected individuals were notified by mailed letters that went out on September 1, 2022. Services are only being offered to those affected. |
|
|
|
|
|
|
|
Posted:
Sun Sep 11, 2022 6:22 am
|
|
|
|
I got the letter and took on the IDX program. |
|
|
|
|
|
|
|
Posted:
Sun Sep 11, 2022 6:46 am
|
|
|
Joined: 27 Jan 2016
Posts: 490
Location: Oswego, Kansas
|
|
I experienced a security breach a few months back after an order from BPI and had to get a change in my credit card number with the bank. No more orders from BPI for me. |
_________________ Sweet sixteen forever
LC Smith Field Grade
LC Smith Ideal Grade
CZ Ringneck
Win. Model 12
Rem M11
Stevens 235 |
|
|
|
|
|
|
Posted:
Sun Sep 11, 2022 6:53 am
|
|
|
|
Byron Whitlock wrote: |
I experienced a security breach a few months back after an order from BPI and had to get a change in my credit card number with the bank. No more orders from BPI for me.
|
Byron, I’ve been thinking the same. Isn’t this the 2nd time this has happened with Ballistic Products in the last year or so? |
|
|
|
|
|
|
|
Posted:
Sun Sep 11, 2022 7:30 am
|
|
|
Joined: 11 Jul 2021
Posts: 11
|
|
Yes, it is the second time for BPI. It also has happened at ShopRuger.com and my local eye doctor. I had to get a new CC because of fraudulent charges last month. |
|
|
|
|
|
|
|
Posted:
Sun Sep 11, 2022 8:03 am
|
|
|
Joined: 09 Mar 2016
Posts: 756
Location: Mn.
|
|
double vision wrote: |
Byron Whitlock wrote: |
I experienced a security breach a few months back after an order from BPI and had to get a change in my credit card number with the bank. No more orders from BPI for me.
|
Byron, I’ve been thinking the same. Isn’t this the 2nd time this has happened with Ballistic Products in the last year or so?
|
Dave no, the letters BPI had IDX and Freestyle send out are a result from the data breach between September 18, 2020 and February 3, 2022. Freestyle is the company that hosts BPI shopping cart and credit card processing system and they are a pretty big player in the field, they had multiple companies affected not just BPI. BPI is a pretty small company and does not have the resources to do their own hosting in house.
Most people would be shocked at how many sites their data has been breached. Some States have a searchable database and some are better than others. Attorney General of Montana has one of the better ones that is searchable.
https://dojmt.gov/consumer/databreach/
Most credit card companies offer virtual credit card numbers for online shopping and I will not use an online cart without one. My preference is to use 3 different ones in a round robin approach that way I can keep track of which one was used and just cancel the virtual card, not the main one.
It doesn't help for when you use your card in person at a gas pump or store and that database gets breached however.
Healthcare is the number one target for these scumbags because we have such a large dataset of individual information. Currently North Korea is using government sponsored malware attacks against the US private and public Healthcare systems.
20 to 15 years ago we had 2 people dedicated to information security. I was often asked to assist them as they felt I thought a lot like a black hat, in fact they often told me that I scared them LOL. Now we have more than 200 people dedicated to information security. Which started when China started using multiple mainframe computers to do a brute force attack against our firewall. They didn't breach it but came a knocking pretty hard and got close enough that it made the heart skip a beat or 2.
Don't want to poke the bear by saying that no one will ever breach where I work but we do have a lot of resources keeping the bad guys out. Most places I think it is more a matter of when will they get breached, not if.
Don't make any online purchases without a virtual card. If your CC company does not offer one then find one that does, most do now days. |
|
|
|
|
|
|
|
Posted:
Mon Sep 12, 2022 6:39 am
|
|
|
Joined: 27 Sep 2015
Posts: 177
Location: Alabama
|
|
|
|
|
|
|
Posted:
Tue Sep 13, 2022 1:37 am
|
|
|
Member
Joined: 04 Mar 2008
Posts: 1943
Location: Lowcountry Ga.
|
|
I'm surprised I'm not getting birthday cards from the gd hackers. We've had our data breached by hackers in Blue Cross Blue Shield and the IRS. And I got the BP letter last week. They said I got one before but it probably was treated like junk mail. Gil |
|
|
|
|
|
|
|
Posted:
Tue Sep 13, 2022 3:05 am
|
|
|
Member
Joined: 04 Mar 2008
Posts: 1943
Location: Lowcountry Ga.
|
|
The casualness which some health care providers routinely ask for SSN information drives me nuts. I had a local clinic refuse to provide a covid shot because I declined to give my SSN. Govt. regs permit the asking, but it is not required. I went to the local health department which didn't require the SSN.
Good idea about the virtual CC #. Gil |
|
|
|
|
|
|
|