Go Back   Rangefinderforum.com > Cameras / Gear / Photography > Being a Photographer > Business / Philosophy of Photography

Business / Philosophy of Photography Taking pics is one thing, but understanding why we take them, what they mean, what they are best used for, how they effect our reality -- all of these and more are important issues of the Philosophy of Photography. One of the best authors on the subject is Susan Sontag in her book "On Photography."

Reply
 
Thread Tools Search this Thread Display Modes

KEH credit / debit card security has been breached
Old 04-27-2016   #1
x-ray
Registered User
 
x-ray's Avatar
 
x-ray is offline
Join Date: Jun 2005
Location: Tennessee USA
Age: 70
Posts: 4,621
KEH credit / debit card security has been breached

For any of you that have done business with KEH recently, their computers have been breached and credit card and debit card information stolen.

I received a letter today explaining what has happened and recommended steps to protect your accounts. If you've done business with them you'll most likely receive the same letter.

I wound up calling my card company tonight and had the card canceled and a new one issued.

This is getting to be a routine procedure. Three times in the past 6 months my debit card has been breached and once on my credit card. Over the past couple of years I've had five incidents with my debit card and four with my credit card.
  Reply With Quote

Old 04-27-2016   #2
Bingley
Registered User
 
Bingley's Avatar
 
Bingley is offline
Join Date: Oct 2006
Location: Sacramento, California
Posts: 5,596
Many thanks for the heads up! I have not purchased anything from KEH real recently, but will be on the lookout for unauthorized transactions on my credit card.
__________________
Steve

FS: Zeiss-ZM Planar 50 plus hood, Pentax MX, Voigtlander Ultron 40/2.0 SLII in Pentax K-mount, Takumar 100/2.8 and 35/3.5 lenses: See my ads in Classifieds

M3, M2, R2A, IIIc, IVSB2, & T, and assorted LTM & M lenses
Minolta XD11, Pentax ME Super, and assorted MD Rokkor and Takumar lenses, Rolleicord III, Rolleicord Vb, Rolleiflex Automat MX-EVS

My Flickr
My Gallery
  Reply With Quote

Old 04-27-2016   #3
Ken Ford
Refuses to suffer fools
 
Ken Ford's Avatar
 
Ken Ford is offline
Join Date: Feb 2006
Location: Suburban Chicago, IL USA
Age: 56
Posts: 3,030
One of the reasons I use PayPal whenever possible online.
__________________
"If you can control yourself and just loathe us quietly from a distance then by all means stay." - Joe

Leica: M-P Typ 240 - M6 - Leicavit M - RapidWinder - Motor M - 21 Super-Elmar - 28 Ultron - 35 Summicron ASPH - 40 Summicron - 75 APO-Summicron ASPH - 75 Summarit-M - 75 Color-Heliar - 90 Elmar-C
Nikon RF: S2 - S3 2000 - 35/2.5 - 50/2 - 50/1.4 Millennium - 105/2.5 - 135/3.4
X-Pro2, X-M1, X100s, NEX-7, dp0 Quattro, N1V1, N1V2, oodles of other stuff
  Reply With Quote

Old 04-27-2016   #4
x-ray
Registered User
 
x-ray's Avatar
 
x-ray is offline
Join Date: Jun 2005
Location: Tennessee USA
Age: 70
Posts: 4,621
Seems like every company is vulnerably. The last breach of my CC was from Home Depot.

Basically I only use my credit card for online purchases and only keep one credit cards and two debit cards. It just makes it simpler to keep track of. Actually I'm now using cash locally whenever possible.
  Reply With Quote

Old 04-27-2016   #5
Bill Clark
Registered User
 
Bill Clark's Avatar
 
Bill Clark is offline
Join Date: Dec 2004
Location: Minnetonka, Minnesota
Age: 71
Posts: 2,501
Please read this on debit cards.

It's your choice.

http://money.usnews.com/money/blogs/...bly-forgetting
__________________
I make photographs as a return ticket to a moment otherwise gone.
  Reply With Quote

Old 04-27-2016   #6
splitimageview
Registered User
 
splitimageview is offline
Join Date: Jan 2014
Posts: 1,928
This is not good for many reasons, one of which is that smaller businesses are now being targeted. Which makes sense as they are less likely to be skilled at fending off these kinds of attacks...
  Reply With Quote

Old 04-27-2016   #7
x-ray
Registered User
 
x-ray's Avatar
 
x-ray is offline
Join Date: Jun 2005
Location: Tennessee USA
Age: 70
Posts: 4,621
Quote:
Originally Posted by Bill Clark View Post
Please read this on debit cards.

It's your choice.

http://money.usnews.com/money/blogs/...bly-forgetting
I keep only small amounts in my checking / debit account. I have 3 checking accounts and three savings in my credit union and keep most money distributed among three savings accounts. My primary checking / debit account is the one I keep a debit card on and really only keep what money I immediaty need in it plus a little cushion.

My credit union had been excellent in detecting fraud. Each time they've caught it immediately and called me within a few minutes to confirm the purchase. The last time I had been in my Post Office and mailed a package at the same time the thieves were attempting to make a purchase in Mexico.

Each time there's been fraud the credit union has stopped it cold as have my credit card company. That's not so say it won't go through sometime.

I've decided to rely more on cash locally. It worked years ago and will work today and I'll probably spend less.
  Reply With Quote

Old 04-27-2016   #8
CameraQuest
Head Bartender
 
CameraQuest is offline
Join Date: Mar 2005
Location: over the hills from Malibu
Posts: 5,683
Quote:
Originally Posted by x-ray View Post
For any of you that have done business with KEH recently, they're computers have been breached and credit card and debit card information stolen.

I received a letter today explaining what has happened and recommended steps to protect your accounts. If you've done business with them you'll most likely receive the same letter.

I wound up calling my card company tonight and had the card canceled and a new one issued.

This is getting to be a routine procedure. Three times in the past 6 months my debit card has been breached and once on my credit card. Over the past couple of years I've had five incidents with my debit card and four with my credit card.
Did KEH provide a time parameter for the stolen cards,
like sales after such a date ?
  Reply With Quote

Old 04-27-2016   #9
Steve M.
Registered User
 
Steve M. is offline
Join Date: Jun 2009
Posts: 3,309
I was concerned about the lack of bank protection on debit cards vs credit cards too. Fortunately, Bank of America told me that I would have exactly the same protection on my debit card as my credit card. They're probably one of the few banks that offer that. They get a lot of grief, and some of it is deserved, but they've been a good bank to us for over 22 years.
  Reply With Quote

Old 04-27-2016   #10
Brian Atherton
Registered User
 
Brian Atherton's Avatar
 
Brian Atherton is offline
Join Date: Oct 2012
Location: Based in Blighty
Posts: 525
Quote:
Originally Posted by Ken Ford View Post
One of the reasons I use PayPal whenever possible online.
I don't know about banking fraud protection in other countries, but those in the UK may wish to read this:

http://www.moneysavingexpert.com/cre...yPal-Section75
__________________
Brian

"Maintenant, mon ami !"
http://www.asingulareye.wordpress.com
  Reply With Quote

Old 04-27-2016   #11
colyn
ישו משיח בנו של אלוהים
 
colyn's Avatar
 
colyn is offline
Join Date: May 2006
Location: CowTown, Texas
Age: 66
Posts: 4,463
Quote:
Originally Posted by Bill Clark View Post
Please read this on debit cards.

It's your choice.

http://money.usnews.com/money/blogs/...bly-forgetting
Don't believe this. It's just another scare tactic. The bank is in fact liable for every penny you lose.... Credit card companies try to make you think a credit card is safer than a debit card which just is not true..

I've had money stolen from my bank twice through debit card fraud. Not $50 as credit card companies lead you to believe is the max you will get reimbursed. One was in excess of $1,000 and the bank returned it to my account before I left the bank then issued me a new card.

Banks are responsible for $100,000.00 per FDIC rules..
__________________
Colyn

The Lone Star State....

Leica M2 | M3 x 2 | IIIa x 2 | IIIc | IIIf black dial | Kodak Retina IIIc | Kodak Retina IIIC |


Flickr

My website

My Gallery
  Reply With Quote

Old 04-27-2016   #12
Mr_Flibble
Registered User
 
Mr_Flibble's Avatar
 
Mr_Flibble is offline
Join Date: Jul 2007
Location: The Lowlands
Age: 42
Posts: 4,051
I haven't done bought anything from KEH recently,
And it turns out it's a good thing I got a new card last month.
__________________
Rick - In Tabulas Argenteas Refero
Loaded with film: Certo Super-Dollina

Latest Toys: Darkroom supplies
  Reply With Quote

Old 04-28-2016   #13
Bill Clark
Registered User
 
Bill Clark's Avatar
 
Bill Clark is offline
Join Date: Dec 2004
Location: Minnetonka, Minnesota
Age: 71
Posts: 2,501
Here is information from the FTC site:

https://www.consumer.ftc.gov/article...nd-debit-cards

Problem, correct me if I'm wrong, for this type of purchase, buying on a www site, the debit card isn't stolen but the information to use it is where you type in the numbers with with your computer, then it's processed. If some one gets that information and starts using it, well I've been leary to use a debit card because if its a fraudulant purchase it dings your checking or whatever account it's linked to immediately where as credit cards have a grace period before payment is made either automatically or paid with in other ways.

Info. from FDIC site:

https://www.fdic.gov/consumers/consu...rdstopten.html

At any rate, something to consider, especially when buying over the internet.
__________________
I make photographs as a return ticket to a moment otherwise gone.
  Reply With Quote

Old 04-28-2016   #14
ColSebastianMoran
Registered User
 
ColSebastianMoran's Avatar
 
ColSebastianMoran is offline
Join Date: Sep 2010
Posts: 2,322
Bill, thanks for the link to the FTC site. Good information there. Things may be different in Europe.

Still, here in America, I believe it is easier to untangle fraudulent charges on a credit card than on a debit card. For example, a debit card breach might drain your funds; you might have to scramble to cover checks or restore a balance. With a credit card, card issuer has only sent you a bill, your money is still in your bank account.
__________________
Col. Sebastian Moran, ret. (not really)

In Classifieds Now: Nikon DX Fisheye, photos in this Flickr album.
Use this link to leave feedback for me.

Named "Best heavy-game shooter in the Eastern Empire." Clubs: Anglo-Indian, Tankerville, and Bagatelle Card Club.
Sony E/FE, Nikon dSLR, and iPhone digital. Misc film.
Birds, portraits, events, family. Mindfulness, reflection, creativity, and stance.
  Reply With Quote

Old 04-28-2016   #15
lynnb
Registered User
 
lynnb's Avatar
 
lynnb is offline
Join Date: Nov 2008
Location: Sydney
Posts: 8,396
I had one fraudulent transaction on our PayPal account a few years ago - it was for several thousand dollars in USD (I'm in Oz). I was reimbursed through my local bank credit card (linked to the PayPal account) because - and here's the trap - a refund via PayPal would have been for the amount in USD, however, currency movements between the fraudulent transaction date and refund date would have left me several hundred dollars (AUD) out of pocket if I had gone with PayPal resolution.
__________________
Lynn
happiest when shooting 35mm and 120 film
RFF Gallery
Flickr
  Reply With Quote

Old 04-28-2016   #16
bmattock
Registered User
 
bmattock's Avatar
 
bmattock is offline
Join Date: Jul 2003
Location: Detroit Area
Age: 58
Posts: 10,675
I have had my debit card used for fraudulent purchases. I reported it to my bank and they did fix it.

HOWEVER, they also froze my card and issued me a new one, and that took two weeks. So for two weeks, I had trouble filling my car with gasoline, etc.

It wasn't that I didn't get my money back - I did. It was that it was inconvenient for me since my debit card was the only way I had to pay for gasoline, etc. I avoid the use of credit cards. I have one and I don't use it - don't believe in debt.
__________________
Immanentizing the eschaton since 1987.
  Reply With Quote

Old 04-28-2016   #17
drew.saunders
Registered User
 
drew.saunders is offline
Join Date: Aug 2009
Posts: 300
Many credit cards (and probably debit cards as well) allow you to create one-time virtual credit cards. I have a Bank of America card that I keep locked up and only use for online purchases, and I always use their "Safe Banking" option. With it, I create a valid credit card number with a maximum spending limit that I set (usually to the exact amount of the purchase) and 2-12 month expiration date (2 is the default, and is generally fine). It will only allow the first vendor to charge against that number, all subsequent vendors will be denied, so if it's breached, it's useless to whoever gets that number. I could also, for example, make a virtual number and print it out and carry it with me on a trip if I had to make a purchase by phone while on vacation, or otherwise wanted a "disposable" credit card.

Say I'm going to buy something from KEH worth $100, and I had to put in the credit card info before taxes and shipping were calculated, I'd create a temporary card through BofA for about $150 with a 2-month expiration date. If that number got breached, and some other vendor tried to use it, it would be denied.

The good news is that Paypal always calls themselves "Paypal," so you can keep a 12-month card with them this way as a sort of running "tab" (and put a reasonable maximum, like $1000 or whatever you think you might spend with Paypal that year). The bad news is that Amazon payments shows up as a different vendor every time (maybe that's only if you buy from some other party through Amazon), so you may have to create a new virtual card for every purchase through Amazon.

I know Citi Cards offers virtual cards as well, as I used to use them for this purpose, but I switched to using my BofA card for the virtual cards because at the time the Citi Cards interface really sucked. It may have improved.
  Reply With Quote

Old 04-29-2016   #18
willie_901
Registered User
 
willie_901's Avatar
 
willie_901 is offline
Join Date: Dec 2005
Posts: 5,293
About two years go a large regional grocery store chain got hammered by credit card fraud. Everyone I knew had to get new cards! Our banks sent them via next-day delivery. This is one situation where using a large bank is convenient.

The thing is everyone's basic credit card info is for sale for for a fraction of a penny per card. What is slightly somewhat more valuable is the cards' three digit security code. It is standard procedure for businesses to silo the basic card data from the security code. Illicit card data with a security code might cost abut a nickel per card. Criminals who buy these lists initiate a low-price fraudulent purchase (less than $10). If the card owner does not detect and report the transaction, then they sell that data on the open market for more money. Still, the issuing bank has proprietary data mining technology that detects and halts potentially illicit transactions. The number of high-dollar losses is actually amazingly low.

The sad facts are it is probably cheaper for KEH to pay the costs required to remediate the fraud losses than to update their legacy IT infrastructure to a new, secure system. Even then the cost to properly administrate such a system is high. Right now hiring IT staff qualified to minimize risk is almost impossible because there aren't enough people with the requisite skills. Outsourcing is also rather expensive for the same reason.

The customer inconvenience factor is a low priority.
__________________
Basically, I mean, ah—well, let’s say that for me anyway when a photograph is interesting, it’s interesting because of the kind of photographic problem it states—which has to do with the . . . contest between content and form.
Garry Winogrand
williamchuttonjr.com
  Reply With Quote

Old 04-29-2016   #19
pagpow
Registered User
 
pagpow is offline
Join Date: Jul 2007
Posts: 992
Question.

If I pay by credit card through PayPal, is it true that the merchant does not "see" the credit card details, as PayPal says? This would mean that the info is not on the merchant's system and thus not at risk in a breach? Correct?

Does KEH take payment by PayPal?
  Reply With Quote

Old 04-29-2016   #20
Paulbe
Registered User
 
Paulbe is offline
Join Date: Jun 2005
Location: Suwanee. GA
Posts: 1,453
KEH definitely takes PayPal--that how I pay there---
Paul
  Reply With Quote

Old 04-29-2016   #21
Huss
Registered User
 
Huss is offline
Join Date: Sep 2014
Location: Venice, CA
Posts: 7,206
Just bought lens from them using Paypal.

Let's just hope paypal doesn't get breached... all these places are under attack all the time. "We" do it to everyone, everyone does it to us.
  Reply With Quote

Old 04-30-2016   #22
willie_901
Registered User
 
willie_901's Avatar
 
willie_901 is offline
Join Date: Dec 2005
Posts: 5,293
It turns out PayPal's IT security is excellent. This only means the likelihood of a breach is much lower compared to alternates. But it does mean something.
__________________
Basically, I mean, ah—well, let’s say that for me anyway when a photograph is interesting, it’s interesting because of the kind of photographic problem it states—which has to do with the . . . contest between content and form.
Garry Winogrand
williamchuttonjr.com
  Reply With Quote

Old 04-30-2016   #23
bluesun267
Registered User
 
bluesun267's Avatar
 
bluesun267 is offline
Join Date: Jul 2012
Posts: 217
I bought from KEH about 6 months ago--but haven't received any notice from them. What is the time frame of the security breech? Anyone know?
  Reply With Quote

Old 04-30-2016   #24
MrFujicaman
Registered User
 
MrFujicaman is offline
Join Date: Apr 2012
Age: 61
Posts: 680
Hmmmm....This might explain the call from my MasterCard issuer about fraud last week.

I keep that one card for online purchases-and it's been hacked 3 times in less than 3 year. This latest time, I'd had the card 3 weeks and it got hacked!
  Reply With Quote

Old 05-01-2016   #25
Ronald M
Registered User
 
Ronald M is offline
Join Date: Aug 2005
Posts: 4,485
Quote:
Originally Posted by x-ray View Post
Seems like every company is vulnerably. The last breach of my CC was from Home Depot.

Basically I only use my credit card for online purchases and only keep one credit cards and two debit cards. It just makes it simpler to keep track of. Actually I'm now using cash locally whenever possible.
Uncle Sam is doing his best to obsolete cash. Get ready. Notice there are no are bills . $100 is best you can do. I think it is an effort to stop money laundering.

I do PayPal. Also move money via Fidelity. My children have accounts. Deposit to their accounts in Chicago, and they pick up in Delaware. I wonder how all the crooks move cash to tax havens. The government pols always leave an open door for themselves.
  Reply With Quote

Old 05-01-2016   #26
Noll
Registered User
 
Noll's Avatar
 
Noll is offline
Join Date: Oct 2010
Location: Wisconsin
Posts: 493
A couple of months ago, I bought some accessories from KEH. A week or two later, my CC company called me up to ask if I had made a random $10 purchase someplace in Georgia (KEH's state), which I hadn't. They sent me a new card and I suspected at the time that it was connected to my KEH order.

Paypal or checking the option to besure no website saves your CC info is probably for the best.
  Reply With Quote

Old 05-01-2016   #27
willie_901
Registered User
 
willie_901's Avatar
 
willie_901 is offline
Join Date: Dec 2005
Posts: 5,293
While we are on the subject, never, ever initiate a wire transfer from a Windows computer.
__________________
Basically, I mean, ah—well, let’s say that for me anyway when a photograph is interesting, it’s interesting because of the kind of photographic problem it states—which has to do with the . . . contest between content and form.
Garry Winogrand
williamchuttonjr.com
  Reply With Quote

Old 05-01-2016   #28
willie_901
Registered User
 
willie_901's Avatar
 
willie_901 is offline
Join Date: Dec 2005
Posts: 5,293
Quote:
Originally Posted by Noll View Post
A couple of months ago, I bought some accessories from KEH. A week or two later, my CC company called me up to ask if I had made a random $10 purchase someplace in Georgia (KEH's state), which I hadn't. They sent me a new card and I suspected at the time that it was connected to my KEH order.

Paypal or checking the option to besure no website saves your CC info is probably for the best.
This is exactly the scenario I described in post #18 above. The random $10 purchase was the hurdle before someone could sell that card's data for more than a penny.
__________________
Basically, I mean, ah—well, let’s say that for me anyway when a photograph is interesting, it’s interesting because of the kind of photographic problem it states—which has to do with the . . . contest between content and form.
Garry Winogrand
williamchuttonjr.com
  Reply With Quote

Old 05-01-2016   #29
Argenticien
Dave
 
Argenticien is offline
Join Date: Apr 2008
Location: Charlotte, NC, USA
Posts: 569
I got the KEH letter as well. They offered 12 free months of credit monitoring through Kroll for those of us impacted. (That's a monitoring service I had never heard of, so I promptly Googled them and found varying opinions...) In my case, the monitoring will not be useful as oferred: I had recently had an order mailed to my girlfriend's address, and curiously KEH therefore set up the credit monitoring in her name, even though it was my credit card information that they had on file. I'll have to call and pester them to fix that.

The whole thing is a damn shame. KEH is a great firm, so I hope they are able to weather this and stay in business. Where else can you simply go online to immediately find and order a NOS 1970s Minolta old-logo-branded lens cap (to make a random example)?

--Dave
  Reply With Quote

Old 05-01-2016   #30
skibeerr
Registered User
 
skibeerr's Avatar
 
skibeerr is offline
Join Date: Apr 2007
Location: Melbourne Vic
Age: 57
Posts: 1,075
In OZ myself and I only have a Debit card.

Here the protection is the same as for a Credit card if you buy online, when you buy in a brick and mortar store you have to choose credit on the EFTPOS terminal to get creditcard protection so no tapping. Know it sound weird but there it is.
  Reply With Quote

Old 05-01-2016   #31
kbg32
neo-romanticist
 
kbg32's Avatar
 
kbg32 is offline
Join Date: Jan 2005
Location: New York, New York
Posts: 5,586
I just purchased a lens from KEH within the last 12 days. I haven't heard anything from them yet.
__________________
Keith

http://keithgoldstein.me/
Keith’s Gallery
  Reply With Quote

Old 05-01-2016   #32
Ronald M
Registered User
 
Ronald M is offline
Join Date: Aug 2005
Posts: 4,485
Lens and finder were recently purchased. No letter yet, but my card is canceled.

MC would rather send a new card than deal with a problem I suppose.

The latest MC was issued to 3 in our family, all different numbers but one account.
All they have to do is replace one card.
  Reply With Quote

Old 05-04-2016   #33
giganova
Registered User
 
giganova is offline
Join Date: May 2015
Location: Washington, DC
Posts: 1,322
My debit and credit cards are being breached every three months or so -- with or without chip. It's just something we have to get used to.

My tip: pick a branch that can print cards. My bank can give me a new card in less than 5 min!
  Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 08:29.


vBulletin skin developed by: eXtremepixels
Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.

All content on this site is Copyright Protected and owned by its respective owner. You may link to content on this site but you may not reproduce any of it in whole or part without written consent from its owner.