addiscombe.org

[PeteS]

I'm not sure if any of you ever order from Wiggle but take note of this cautionary tale

Just before Christmas I was sent an email from Wiggle stating that if I recommended someone to buy from their site I would get vouchers to spend on goods. I duly sorted out with my partner Robin that she should order some gear using her card but getting it sent to my address which went smoothly.

Last week however, she got a load of stuff delivered from the Next directory, a DVD player from the shopping channel and a letter from Paul Smith asking her to confirm that she really wanted the designer clothes that they had received an order for. Apparently because a delivery address other than the one for the bank card was used, this flagged up a possible fraud on their system

Naturally, she contacted her bank, they stopped her card and the goods have gone back but if the 'thief' had been able to get the stuff delivered to him as he wanted, then Rob would have had a job getting her money back.

Paul Smith have given her the details of who had ordered on her behalf and according to the internet order they used my name but with an address in Thornton Heath.

The only link between both our details with bank numbers etc is Wiggle. I've looked this morning on a cycling website and it seems that Wiggle have a huge problem with internet security with many people being stung in various ways. Be warned!!

[Matthew Ives]

There were loads of people that got stung just before xmas.
Apparently Wiggle kept peoples CC details on their servers and they got hacked. They never admitted it, mind you, but thee were loads of people complaining about it.
I think they've tightened up since then.

[sid_day]

The current advice is:

Never allow a web site to store your card details.

I think it is pretty bad for an company with a turn over the size of Wiggle to be vulnerable.

[PeteS]

I contacted Wiggle to tell them what had happened, just had a reply from their MD, basic message being "It's not our fault mate", I think I'll stick to the sometimes miserable GB Cycles, not the cheapest but at least you can see your credit card.

[Matthew Ives]

Do a search over at Cycling Plus forum.
There was a whole swathe of people threatening legal action at one point.
You could get some more info on where they are in this.

[Elliot M]

i don't see what legal action you could take if you haven't lost anything?

it's the credit card company's money that's been spent, not yours. and it's the vendor who takes the hit.

you report the fraud to your CC, they claim it off the vendor, who pay up, lose the cost of the goods and if they have any sense, they take more care next time. pretty obvious it's fraud if the delivery address isn't yours.

extremely annoying though. happened 4 times to me in about 4 years.

[Marek]

My card got cloned a couple of weeks ago and I used Wiggle for the first time about a month ago. Maybe that is where they got my details as I could not work it out how they had been taken.

I may have a word with the bank about Wiggle then.

Cheers

Marek...

[SimonH]

I know a couple of people with exactly the same thing, used wiggle in the last month or so (wiggle being the only web site they've used recently)and card info cloned. Not good !

[Andrew G]

Last used Wiggle Feb 19th.
Call today from credit card company to say £700 was spent today, over phone so they'll have a delivery address to track thieving so-and-so .
Coincidense?

[Will]

I got done by Wiggle (last year) as well

Fortunately CC company sorted it all out

[Sylv]

Don't know if wiggle has restaured 100% customer confidence, but they still can't be beaten for price.

If you're looking for some replacement wheels, I'd recommend the Shimano Dura Ace clinchers. They are down to £269 a pair! (They once were over £500)

Not super light at around 1600gm, but tough as nails. Have has mine for a year and a half and they have not gone out of true once despite hitting some scary potholes, and the bearings seem to be good as new.

[Phil L]

I worked for an internet company back in the dot com boom days and was put in charge of developing new software to detect fraud. It was interesting stuff trying to put the checks in to beat the fraudsters who were usually using stolen credit card details.

As a card holder you are perfectly protected since internet transactions are performed as "cardholder not present", i.e. no signature (back in those days) or PIN these days - so the card company will cough up on any fraud on your card (as long as it wasn't delivered to your billing address). It is down to the Vendor to check that there is no fraud being committed who can be stung very badly with charge backs and fines from the likes of Visa if they allow too many fraudulent transaction to get through.

With respect to them protecting your data - your personal details along with address and card details should be encrypted in the database and the security code on the back of the card should not be stored. Databases shouldn't be easy things to hack into either. If Wiggle are taking these precautions properly, and have the right level of security in place, then consider it an inside job that this information is getting out to the fraudsters. Otherwise it explains why they can sell stuff so cheap because they have zero investment in protecting you.

By the way - being present at your transcation doesn't make you any safer. Petrol stations have been recently been hit with attendants (allegedly with Tamal Tiger links) skimming cards in order to clone them and filming you entering your PIN via their CCTV cameras.

[mrP(Boonen)VT]

It's a scary world out there.

[Bo-Gilly]

" but they still can't be beaten for price. "

IMHO they often are by Chain Reaction Cycles, and also by Merlin Cycles for MTB bits.

BTW if you google products ( used to be froogle ) you'll find they're sometimes beaten by Evans and De Ver Cycles ! !

[Brian Robinson]

Hope Wiggle have sorted out their payment problem.

I've just left my job and as part of my leaving present received £100 in Wiggle vouchers . Bought a new Giro helmet and a pair of endura overeshoes with them today.

Unfortunately, couldn't acquire them without first inputting my credit card details . Interestingly they had a HACKER free icon.....clearly trying to demonstrate their improved security....wait and see.

Bri