Around the Bay Area 23 Lucky’s stores had skimmers installed in one or their self-checkout registers. Story. Their reaction amply demonstrates why I hate that chain and never use it unless to get stuff unavailable in our Safeway.
They discovered the hack Nov. 11, and didn’t bother telling any customers until Nov. 23, because they weren’t sure. Their first response said that they had no confirmed accounts of money loss, which could only be because they didn’t believe any of the people saying they had lost money.
They have information about it on their web site, but not on the home page. You have to click a red button saying “customer alerts” to get to it - something I doubt the average visitor unaware of the problem is going to do.
No apologies, of course. If you call their service line, they take your information and tell you to close your bank account. Of course, anyone who used an ATM card in the self-checkout line is supposed to do this. My wife changed our PIN, and when she did it there were a lot of people at the bank doing the same. Compensation for the time and aggravation? Hah!
Our local store hadn’t posted any warnings until recently. His reaction to the request that they put more people on the regular checkout lines so that people need not use the self-checkout lines again is that Lucky’s can’t afford it.
Then there is the interesting question of how 23 stores got hacked without anyone noticing. The official reaction is that the employees thought it was a customer. Sure, customers always open up a register. I need to look up how skimmers work (these used wireless to transmit the stolen accounts) but I suspect that you can’t just throw them into the register. I’d think they’d need a power hookup, and maybe a hookup to the reader. Lucky’s claims that no employees are implicated, but that seems rather suspicious. The Secret Service is investigating. This doesn’t surprise me. When the self checkouts screw up, which is frequently, it takes forever to get someone to come. Our Safeway has someone posted there all the time.
It is widespread. Ten people in our neighborhood Yahoo Group have reported losing money from one store. I think 1500 have called in so far.
An expert quoted in the Merc said that the real root cause is
And finally, no apologies of course. Their customers should cancel their credit cards and close their accounts so that Lucky’s can do business as usual.
I have two remedies. 1. Boycott the place. If they go bankrupt maybe the stores will be bought by a company who gives a shit.
2. Get the Lucky’s executives and security people to a meeting in the store. A few of them, and lots of angry customers. Have it right by the pie section.
You seem to be confusing debit with credit. Debit cards are inherently unsafe compared to credit cards. There’d be no reason to cancel your credit card - if you used one and suspected your info was stolen you could report it and get a new card with different numbers. And even if there were fraudulent charges made on your credit card, you report it and you’re not on the hook for anything.
So to recap:
Debit card stolen along with PIN: thief can wipe out your entire account. There’s not a damn thing you can do about it, and you have no recourse.
Credit card stolen: minor inconvenience - make a 1-minute phone call to bank (or go online to report it) and wait for a new card in the mail. Pay/lose nothing.
So I think the better remedy is simply not to use debit cards.
Never said it did, but when you have the option of taking your financial security into your own hands so you don’t have to worry about stuff like this, why wouldn’t you seize it? Save yourself the aneurysm.
Let’s say I’m not sure I buy either of these. Not yet. 7-11 type stores I’ve been in don’t have self checkouts, for one thing.
Michael’s did get hit - but it seems not as badly, as did Amoco gas stations. I can kind of see a gas station, since the terminal is far from anybody, and it can be hacked in the dark or even when the station is closed.
Shit, got interrupted. No apologies deserves two items :smack: and the root cause was poor security at Lucky’s, which is trying to do with as few people as possible.
They have a policy of opening a new line when there are 3 people waiting - but they don’t make it clear they only do this when there are 3 people waiting at every line and the self-checkout.
Lucky’s is suggesting that people close their credit card accounts, not me. And Wells Fargo, which has a branch across the street from an affected store, is saying that if fraud can be demonstrated on the debit card they will make it up.
Now the nice thing about credit cards is that you can dispute the charge when it shows up, while for the debit card the money is already gone, so you are out it until it gets resolved.
We seldom use debit cards, except to get cash back and at CostCo. We also get 1% back on Discover, so it pays to use it. (Discover, you know my account number to send some money for using your slogan.)
How do you demonstrate it? That’s the tricky part.
And I get that you want Lucky’s to apologize to you but other than that, what do you actually expect from them? If it turns out you were personally affected by the skimmer and suffered measurable monetary damages as a result, then obviously you may have a claim against them. But if not?
This isn’t the case at my bank, and I strongly urge anyone who has no recourse in this situation to switch banks! I use a debit card with my Chase checking account, and on three separate occasions (one was a double charge that a merchant refused to resolve, one was a fraudulent Paypal transaction made by not-me, and then some random charge from a racetrack in Florida) I’ve had charges reversed. As long as you report fraudulent charges within a certain amount of time (I think I have three days to do it), your bank should be willing to work with you. If they’re not, fire their asses!
I’m with BOFA, I have several email alerts set up.
[ul]
[li]A weekly available balance.[/li][li]Any debit transaction of a $100 or more.[/li][li]Any online transaction.[/li][/ul]
We also have Chase and last year someone somehow got the number of my husbands debit card, then used it in Toronto (we were no where near there at the time). Chase actually called us and asked us if it we had made that charge, and then refunded my husband’s account. I think because the card has the VISA logo on it, it is backed up the same way as a credit card.