Midwest Supplies

Brewer's Friend 728
Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum

Help Support Homebrew Talk - Beer, Wine, Mead, & Cider Brewing Discussion Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
What a wonderful explanation. Now I do not own a computer. I use a not very smart smartphone. I ordered my supplies over the phone. That's when you call and talk to a real person. Like we did before computers. My card was used, or whatever you call it. I don't order online.
I guess I should have my phone checked for bugs? From the way you explained it technology can't be at fault.
 
pawpawdave said:
What a wonderful explanation. Now I do not own a computer. I use a not very smart smartphone. I ordered my supplies over the phone. That's when you call and talk to a real person. Like we did before computers. My card was used, or whatever you call it. I don't order online.
I guess I should have my phone checked for bugs? From the way you explained it technology can't be at fault.
Click to expand...

While possible, not likely. In that case I would say an employee is doing it.
 
MaxStout said:
Didn't think you could. But thanks for playing. :cross:
Click to expand...

You are aweful hostile towards a guy just giving his 2 cents based on 15 years working in this exact field. My info is a little outdated (2004) when I last was told. But here is a link to current civilian stats: http://www.statisticbrain.com/computer-virus-statistics/
However this only represents stats for serious viruses.
 
Marmike600 said:
There is seriously too many of us for it to be a coincidence. Get your head out of the sand.
Click to expand...

So, I'm just the lucky exception? Is it only a matter of time? Are they satisfied with what they are stealing from you, so they haven't bothered with me?

Our brains are designed (evolved, if you prefer) to see patterns, even when none exist. Randomness often does not appear so, particularly when the sample size is small.

If you really feel like MW is to blame, then don't shop there anymore, or use paypal, as has been suggested. However, you really ought not to libel them with your baseless accusations. Before you flame me, take a minute to think this over. You have no proof of anything other than that your card has been used fraudulently.

~10% of all Americans have been victims of CC fraud. There are thousands of people on HBT. It is likely that thousands of them have made CC purchases from MW. There are less than 20 people who have reported fraud in this thread (a thread that any active member would have easily seen). You really are jumping to conclusions.
 
I'm not going to flame you. My Son is the OP. I had the first problem on July 4th. As stated I ordered over the phone. Three days later he found out he had been hit. The only thing we had in common was MW orders. He was a member here and wondered if by chance anyone else had this in common. I bank with USAA. I made copies of this forum and faxed to them for their investigation. I hope whoever is doing this is caught.
 
sfgoat said:
You are aweful hostile towards a guy just giving his 2 cents based on 15 years working in this exact field. My info is a little outdated (2004) when I last was told. But here is a link to current civilian stats: http://www.statisticbrain.com/computer-virus-statistics/
However this only represents stats for serious viruses.
Click to expand...

It's tough for those of us who are computer / security savvy to judge what the average user does. I can agree with that 95% of uses have experienced some sort of virus or other invasive software. That doesn't mean that these users have CC problems because of them. Most of this malicious software is adware or info tracking software. I see this sort of thing on family & friends' computers often (the XYZ toolbar, which earns me points and also tracks everything I do online, to be sold to various interested companies).


The problems with this thread have been covered pretty well already. It's a homebrew forum - there will always be positive correlation with shopping at MW (until this thread drives business away from them and toward a possibly less secure site). It's anecdotal, not evidence. A crowd can very easily draw the wrong conclusion together.

On the other hand, it is not common for a relatively small group of people to have so many CC issues within the same timespan (unless it's a group very free with information and/or not entirely bright - but I certainly hope we don't tweet our own CC numbers for fun).

The CC tokening system MW uses is very secure. I wouldn't normally suspect that to be a problem - but since I know very little about their particular implementation, of course it's possible. If MW's servers were hacked, it could be a man-in-the-middle attack, diverting CC info away from the site; I assume this would have been looked at by MW during their investigation. As others have said, it could also be any of the other sites in-between, including the consumers themselves.

Unfortunately, there's not much we can do *as* consumers. As mentioned... (1) Use PayPal (I always do when I can... and have never had security problems). (2) Use temporary CC numbers if your bank offers them. (3) Do not save card information, regardless of system security. (4) Never use credit cards on any small website (not just MW) without a secure 3rd party you trust (like PayPal). ~~ Following these general rules has kept my cards as safe as they can be... and that's the best I can do. There's still the possibilty my card could be stolen at any convenience store.

The only thing that isn't rational (but could certainly be caused by this thread) is to avoid business with MW. You're no safer elsewhere and there's not much proof that MW has a problem...
 
malweth said:
It's tough for those of us who are computer / security savvy to judge what the average user does. I can agree with that 95% of uses have experienced some sort of virus or other invasive software. That doesn't mean that these users have CC problems because of them. Most of this malicious software is adware or info tracking software. I see this sort of thing on family & friends' computers often (the XYZ toolbar, which earns me points and also tracks everything I do online, to be sold to various interested companies).

The problems with this thread have been covered pretty well already. It's a homebrew forum - there will always be positive correlation with shopping at MW (until this thread drives business away from them and toward a possibly less secure site). It's anecdotal, not evidence. A crowd can very easily draw the wrong conclusion together.

On the other hand, it is not common for a relatively small group of people to have so many CC issues within the same timespan (unless it's a group very free with information and/or not entirely bright - but I certainly hope we don't tweet our own CC numbers for fun).

The CC tokening system MW uses is very secure. I wouldn't normally suspect that to be a problem - but since I know very little about their particular implementation, of course it's possible. If MW's servers were hacked, it could be a man-in-the-middle attack, diverting CC info away from the site; I assume this would have been looked at by MW during their investigation. As others have said, it could also be any of the other sites in-between, including the consumers themselves.

Unfortunately, there's not much we can do *as* consumers. As mentioned... (1) Use PayPal (I always do when I can... and have never had security problems). (2) Use temporary CC numbers if your bank offers them. (3) Do not save card information, regardless of system security. (4) Never use credit cards on any small website (not just MW) without a secure 3rd party you trust (like PayPal). ~~ Following these general rules has kept my cards as safe as they can be... and that's the best I can do. There's still the possibilty my card could be stolen at any convenience store.

The only thing that isn't rational (but could certainly be caused by this thread) is to avoid business with MW. You're no safer elsewhere and there's not much proof that MW has a problem...
Click to expand...

You said it better than I could. (I'm not very good at social dialect) but you hit what I was trying to say on the head. Thank you.
 
I'm not buying the coincidence argument. I'm not saying MW is at fault. I'm saying that there seems to be a good chance of getting your CC number lifted if you place an order there. While I normally have 5-10 CC transactions per day, it just so happens that I only had ONE authorized on 7/28 and that's with midwest. That very same day someone makes a copy card and runs around with it. I suspect it's not just one person but a group that shares or sells card numbers because charges happened in Florida and Maryland at brick and mortar stores simultaneously.

Also, the people reporting this issue here are probably a very small portion of the people it has happened to. I know HBT is big, but there are plenty of homebrewers out there who don't use HBT regularly.
 
Bobby_M said:
I'm not buying the coincidence argument.
Click to expand...

I don't think it's a coincidence that you have this opinion and have a vendor account that sells in direct competition to Midwest.

Seriously, given the somewhat blatant conflict of interest, vendors shouldn't be commenting on other vendors in a thread like this.
 
I'm very curious about what the grieved parties here would like to see from Midwest. What, specifically, could they do that would possibly convince you that they are not responsible for your credit card problems?
 
evrose said:
I don't think it's a coincidence that you have this opinion and have a vendor account that sells in direct competition to Midwest.

Seriously, given the somewhat blatant conflict of interest, vendors shouldn't be commenting on other vendors in a thread like this.
Click to expand...

I can scan in my midwest receipt and also show you a copy/paste out of my visa ledger if you're really accusing me of slandering a competitor for unethical reasons. There are enough people on this forum who know me for long enough, and well enough, who can vouch for my ethics.

This is a thread about customers having problems with credit card fraud. I am a customer in that respect, and I've had the same problem. Period.
 
Add me to the list of compromised credit cards also.
Mine was a Discover card.
Three charges showed up today as pending payments, and Discover immediately texted about an issue.
Match.com, gymboree.com and valve software were the three charges.
Edit - now a charge from amazon.com for $1 is showing up also.

I'm not saying that Midwest is to blame, but possibly the company these use for credit card charge processing was hacked. We've never had an issue with our card. I ordered the pinlock keg deal a few weeks ago from Midwest, and now I'm part of this problem.
 
I am not jumping on Midwest with this post nor do I claim to know anything about I.T.
But, my Master Card went bust yesterday with a $30.00 purchase to some Gaming/Software outfit with an additional $1.00.00 charge to some accounting place. Purchased kegs from Midwest beginning of July, having not used the card in months, but I also made a subsequent single purchase at Home Depot and at Brew and Grow.
Only posting this to say that for the meantime anyway, I will be ressurecting my old PayPal Account.
For what its worth, my experience with Midwest has always been good, I beleive they are an ethical company and I will continue to patronize them, but I will not be using my credit card to do so.
 
Add me to the list as well. I've only used my card in 2 places in the last 3 months. One was a gas station, which I went inside and paid at the register. The other was at Midwest for the 4 pin lock keg deal. Just got a call from Discover this morning that $1 had been charged at iTunes / Payroll. Went ahead and got my card cancelled. Bad thing is I have two more of my cards on there saved. I guess I need to go ahead and proactively cancel those just in case.

Also, not slamming Midwest in any way. I love those guys. They have fantastic custom service. Just want to add to the list here.
 
After Austin Homebrew's payment processor got hacked a couple years back (I'm the guy who started that particular thread), I've been sticking to PayPal for every dang thing I can online. It's tough to see when you're the one directly impacted by it, but Midwest (if they or one of their partners are indeed the source of a breach) are every bit as much a victim as the folks who's card info was stolen.

In the meantime, if you shop anywhere with a card - online or off (SWMBO had her debit card numbers stolen somewhere about a year ago, and NEVER uses that online) - keep an eye out for suspicious charges and try to use the most secure options available to you whenever you can. PayPal is a good option when available, and those single-use credit card numbers sound like a great option if your card company offers them. But remember that this stuff, sadly, happens every day and all over the place. Chances are it'll happen to you sooner or later - it's a major inconcenience, but Visa/Mastercard/Discover/Amex will take care of you through it, and things will work out.
 
Not saying Midwest is the source but my card was also compromised and I had the information saved on the Midwest site. Started with a $1 charge for Star Wars The Old Republic online game and then two $39.99 charges from the same place. Then Meijer.com, shopatron.com and golfgalaxy.com. Golf galaxy caught it and canceled. My bank has the other charges flagged as fraud. This is my most used card so it could have come from a number of places but Golf Galaxy told me that they had my phone number, billing information and security code so that knocks a lot of places off the list and leaves only companies with whom I have my information stored.
 
I see you point about a potential conflict of interest.
However, with all the support and help Bobby_M provides the community I think is public image is very well intact. He is exactly the type of person I like to do business with. Someone we gives back to the community with his experience. He seems to genuinely want to help people and provide them with quality products.
 
evrose, I'm just gonna go and point out the fact that the overlap between what BobbyM sells and what MidWest sells is pretty small. And if you're really going to make yourself a note not to deal with BobbyM in the future over his comments here, it's your loss - he's a stand-up guy.
 
mcl said:
I see you point about a potential conflict of interest.
However, with all the support and help Bobby_M provides the community I think is public image is very well intact. He is exactly the type of person I like to do business with. Someone we gives back to the community with his experience. He seems to genuinely want to help people and provide them with quality products.
Click to expand...

Fair enough, I'll edit my last comment... but still... being newer here, that's not obvious to me... and my previous point stands. When you're a vendor, you have a different status than that unwashed masses - and that's something one should be careful of.

Anyhow - my point was made I think. Bobby - I'll call a truce. I don't think you were intentionally going out of your way to say bad things about a competitor. Take care.
 
Add me to the list as well. All of the fraudulent charges were made on my account between the 2nd and the 5th. I was notified of suspicious activity on my account by my credit card company on Monday and fortunately the larger charge attempts were reversed and or declined. Apparently the fraudulent charges would have racked up to about $1000 if my card company hadnt froze my account. One of the charges was for close to $500 in Sephora, which I had to ask what it is, and is apparently makeup.
 
Update on my experience...
SWMBO talked to Discover this morning.
Our account is frozen for 5 - 7 days.
We have new cards coming with new numbers, and our information has to be updated anywhere we have autopay enrolled, which is quite a few places.
They'll apparently do a 90 day investigation to see if they can determine who/when/how/etc the numbers were obtained.

SWMBO is pissed - and it's all my fault for ordering beer stuff. :confused:
 
Dr_Beersgood_Quaffenstein said:
Add me to the list as well. All of the fraudulent charges were made on my account between the 2nd and the 5th. I was notified of suspicious activity on my account by my credit card company on Monday and fortunately the larger charge attempts were reversed and or declined. Apparently the fraudulent charges would have racked up to about $1000 if my card company hadnt froze my account. One of the charges was for close to $500 in Sephora, which I had to ask what it is, and is apparently makeup.
Click to expand...

Mine were all the second to the fifth as well. Was your first charge for like $1 or something really small at Payroll, Apple, iTunes, or SWTOR.com?
 
Just read through the whole thread and thought I could add to the information here. I got a call Monday morning from Golf Galaxy saying they caught the sale and had it canceled. California IP address with the goods shipped to Delaware. They said the person ordering had my billing information, phone number, and security code. Thus, this couldn't be the result of a card swipe at a store but has to be something online where all of my information is input into the payment authorization. The only online charges I have charged on this card in the past 6 months are Amazon and Midwest Supplies. I love Midwest Supplies and will still continue ordering from them (albeit via PayPal) but its hard not to connect the dots. My brewing partner also posted in this thread and his card was also compromised within days of mine (different banks).
 
dgrums said:
Mine were all the second to the fifth as well. Was your first charge for like $1 or something really small at Payroll, Apple, iTunes, or SWTOR.com?
Click to expand...

Yes. When my credit card company called me they told me there were two suspicious charges for $1.00 for Payroll and something Yahoo related before I got hammered with the larger charges that brought the fraudulent charges to about $1000.
 
I am a web developer of various types of sites (including ecommerce sites), and several years ago one of my major ecommerce client sites was hacked using sql injection techniques to eventually gain access to admin tools. They ran off with an absurd number of cc numbers over a several week span before it was noticed; they had hacked one of the processing pages to send the cc data entered into the form as an email to a remote recipient.

So, there does not need to be any magic involved. Once you have a key part of a system breached, you're in and can do ANYTHING you want, and none of it is magical or complex.
 
Add me to the list too. My wife never uses her card and she bought me five kits from Midwest as a present to me and a month later someone was using her card. She never uses it for anything but that one order from Midwest.

I will not order from Midwest again! Plus their shipping rates are horrible!
 
njs170 said:
Add me to the list too. My wife never uses her card and she bought me five kits from Midwest as a present to me and a month later someone was using her card. She never uses it for anything but that one order from Midwest.

I will not order from Midwest again! Plus their shipping rates are horrible!
Click to expand...

I wouldn't go that far as Midwest is a pretty good company. I'll continue to use them as they have great customer service. I'll probably just use PayPal until they get stuff figured out.
 
negativereaction said:
I am a web developer of various types of sites (including ecommerce sites), and several years ago one of my major ecommerce client sites was hacked using sql injection techniques to eventually gain access to admin tools. They ran off with an absurd number of cc numbers over a several week span before it was noticed; they had hacked one of the processing pages to send the cc data entered into the form as an email to a remote recipient.

So, there does not need to be any magic involved. Once you have a key part of a system breached, you're in and can do ANYTHING you want, and none of it is magical or complex.
Click to expand...

To add to your point....The vast majority of e-commerce sites today are run off of open source software. So once an exploit is found it can be replicated site-to-site pretty quickly. People who are not in the industry may not understand how assimilated web development has become.

Someone asked what we wanted/expected from Midwest. I don't want a thing. I just disagree with their conclusion on 7/8 that mine and my dad's fraudulent charges are not related to our MW purchase.

I want to see an email blast from MW surveying their customer base to find just how wide spread this problem is.
 
MikeMSD said:
I'll probably just use PayPal until they get stuff figured out.
Click to expand...

I think that is the best take-away point from this whole snafu.

Even though I haven't been hit by this, I have to admit that this thread has made me re-think my online credit card use. Whether it's Midwest, Amazon, Ebay, whatever...going forward, I will now start using PayPal for my purchases. While my CC company has protections in place for this sort of thing, it's just not worth the hassle.
 
I placed an order last week with Midwest via Paypal and it shipped the next day.

Good to see their shipping issues are (hopefully) a thing of the past.
 
I ordered from Midwest many times before with great success. However, I placed an order a couple of weeks ago on some components that I needed to have delivered in exactly 8 days. I ordered on a Thursday...the items did not "ship" out until Monday at 6pm....it wasn't even on the UPS truck until Tuesday. Needless to say my items did not come on time. I wrote the company an email about their lack of timeliness shipping items and received no reply. Looks like my money will be spent elsewhere from now on...
 
ECUmedford said:
To add to your point....The vast majority of e-commerce sites today are run off of open source software. So once an exploit is found it can be replicated site-to-site pretty quickly. People who are not in the industry may not understand how assimilated web development has become.

Someone asked what we wanted/expected from Midwest. I don't want a thing. I just disagree with their conclusion on 7/8 that mine and my dad's fraudulent charges are not related to our MW purchase.

I want to see an email blast from MW surveying their customer base to find just how wide spread this problem is.
Click to expand...

So you do want something :D I get your point though, in situations like this where it is something outside of the companies control that has gone wrong the best thing they can do is give the assurance that they take it seriously. And correct me if I am wrong but it seems like MW was not doing that by ignoring your concerns in the first place!
 
I've had 11 successful orders with MW in the past 6 months. Yes, the 50-lb grain bags usually arrive in thoroughly thrashed boxes (well, mostly in...). Still, I've not lost a single grain in shipping. Shipping has always been reasonably prompt, with all orders arriving the next week (I'm in CO, so it's not a huge cross-country trek). The liquid yeast I've ordered has all been still chilled, though I've recently switched to dry because the extra price and effort just isn't worthwhile. The shipping charges are a bit steep, but I'm in the middle of nowhere, so I accept that as the price of doing business.
 
I'm glad that I stopped using Midwest after their major shipping issues. I got burned several years ago when Austin Homebrew was hacked, the difference between them and Midwest is that the owner admitted the card numbers were stolen, apologized for it, and gave discounts to everyone that it happened to. It's a business, many businesses get hacked every day, it's a fact of life, at least Austin owned up to it and apologized. As far as Bobby M getting attacked, I've been doing business with him for years and will continue doing so, as someone else already mentioned, he's also a homebrewer who has helped 100's of people on this forum with both his great advice and great products, I have improved my homebrew with both.
 
My Amex was also hit this past Sunday. Mostly online sites, Hulu, GameStop, etc. I ordered for the first time from MW on May 30th this year. Seems like the same attack regardless of whether it was from a MW breach or not. I can't say it's directly connected, but the timing of my card being hit is the same as many on this thread. I do also use that card on amazon which many mention as well. I hope we hear something definitive.
 
<bad joke> Its a conspiracy. PayPal hacked all these cards so people use it as their only way to buy things online. </bad joke>

I kid. Sites get hacked, cards get stolen. CC numbers get stolen quite often. I wouldn't stop using MW or any other major homebrew supply company solely for the coincedence that several people on a homebrewing site all noticed their cards having been compromised. The time to really worry about it is when a company does not take a report that someone/people who purchased from them have had a compromise seriously and look into their systems for vulnerabilities and do what they can to harden those systems.
 

Similar threads

heathm922
Heath's New Member Introduction
Replies
1
Views
257
wallyLOZ
wallyLOZ
Gunshowgreg
Pepsi Company, CO2 bottle exchange
Replies
14
Views
888
Gunshowgreg
Gunshowgreg
BeerNsteadofH2O
Mash hopping
Replies
2
Views
762
Tomahawk47
Tomahawk47
J
Pectic Enzyme and what brand yeast to use
Replies
13
Views
570
Johnny2
J
hilljack13
Bottled water only option for now
Replies
28
Views
1K
hotbeer
hotbeer
CornyKegs 300

Latest posts

Back
Top