User Panel
Posted: 4/29/2016 5:23:05 PM EDT
True or not? Apparently customer ID images, FFL images, order history were compromised; and AIM sent notice to affected customers. I have not been notified yet.
-- Edit to add: The notification letter was waiting for me when I got home. |
|
Got my notice today. Thought I won a raffle or something.... guess not
|
|
|
WTF! Yea, I got a letter today, among all of the other shit going on, I can't believe in this day and age business' are still being reactive instead of proactive. Oh yea, you'll never get a fucking penny from me again, ever. |
|
|
|
Quoted:
AIM sent notice to affected customers. I have not been notified yet. View Quote How would they know whos information was compromised, and whos wasnt... Nice way to start a weekend. |
|
In the letter it says certain images? What does that mean? That it was only a few people affected and you don't know who?
|
|
|
I received a letter as well. I am honestly torn between appreciation of prior excellent service and a feeling of betrayal. I would have expected a class act like AIM to extend its professionalism to all areas.
It would have been nice to know if it was FFL, drivers license, or both that was compromised |
|
This shit happens to all companies and even the feds. I'm sure AIM was doing what they could and it wasn't just because they were cheaping out on security.
|
|
Quoted:
This shit happens to all companies and even the feds. I'm sure AIM was doing what they could and it wasn't just because they were cheaping out on security. View Quote I like to imagine AIM (and most companies that make any kind of $) pays someone to host and monitor their site and it's not really some old HP computer running IIS in a broom closet in back of the shop. |
|
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us.
|
|
Quoted:
WTF! Yea, I got a letter today, among all of the other shit going on, I can't believe in this day and age business' are still being reactive instead of proactive. Oh yea, you'll never get a fucking penny from me again, ever. View Quote You cant be serious? Or maybe you are just new to the internet and data protection. |
|
No letter for me yet.
One thing i do not mess around with is my credit or my identity being compromised. Not cool.Glad i froze my credit last month. |
|
I hope that I don't end up with one of these letters, and honestly, I'll be pretty pissed if I do. However AIM's service has always been stellar over the last 10 years and many, many, thousands of dollars worth of orders. This will not affect my doing business with AIM and I hope that this will lead to a substantially more secure system.
Just about every organization in the world, from multi billion dollar giants like Target, to the federal government, to the little guys, is vulnerable, and it's nearly impossible to make things 100% secure and still usable. Aim's response seems to be appropriate. |
|
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. View Quote So if you did not receive a letter you don't have anything to worry about? |
|
Actually it's worse then simple credit card theft. Our drivers drivers license had our SS# License # on it. Now this stuff is out there and can do real damage. It's kinda ridiculous we needed to upload it to a website. Aim is the only site i have ever had to do this with. And they apparently didn't kept this information secure or think it was important enough to keep extra safe. One year of credit monitoring is a joke. This information is out there and i can't just change it like a credit card number.
|
|
Quoted:
So if you did not receive a letter you don't have anything to worry about? View Quote View All Quotes View All Quotes Quoted:
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. So if you did not receive a letter you don't have anything to worry about? if that's what you are thinking, it's a bad idea... forensics on compromised systems are inherently unreliable, so your best course of action is to assume that they have EVERYTHING you uploaded to AIM. ar-jedi |
|
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. View Quote Are you sending letters only? I never updated my account with my new address, have you attempted to contact those affected via email or phone? Should i email customer service? |
|
|
Quoted:
Aim, please answer this. I haven't received a letter yet, but my info has been uploaded to your site for years. View Quote View All Quotes View All Quotes Quoted:
Quoted:
In the letter it says certain images? What does that mean? That it was only a few people affected and you don't know who? Aim, please answer this. I haven't received a letter yet, but my info has been uploaded to your site for years. Same situation here. I've been ordering from AIM for years... and have at least two pieces of ID on file. |
|
Also, I just checked my account and my ID and ffl info have been deleted, and it now says DO NOT UPLOAD PERSONAL INFORMATION on the upload pages.
Does this mean the website is still not secure? |
|
Quoted:
Actually it's worse then simple credit card theft. Our drivers drivers license had our SS# License # on it. Now this stuff is out there and can do real damage. It's kinda ridiculous we needed to upload it to a website. Aim is the only site i have ever had to do this with. And they apparently didn't kept this information secure or think it was important enough to keep extra safe. One year of credit monitoring is a joke. This information is out there and i can't just change it like a credit card number. View Quote Oh man,i didnt know some states still put a SS# on DL. Do a credit freeze ASAP |
|
Quoted:
This shit happens to all companies and even the feds. I'm sure AIM was doing what they could and it wasn't just because they were cheaping out on security. View Quote The reason it happens is because nobody thinks it will happen to them and don't want to pay for better security measures, if they even have any in place. Most companies are not proactive when it comes to security, this is just a reminder of that, period. I know, it's what I do for a living. Most people would go to war if they only knew the shit I know about our information and how it's so easily mishandled and basically handed over to criminals. |
|
Quoted:
You cant be serious? Or maybe you are just new to the internet and data protection. View Quote View All Quotes View All Quotes Quoted:
Quoted:
WTF! Yea, I got a letter today, among all of the other shit going on, I can't believe in this day and age business' are still being reactive instead of proactive. Oh yea, you'll never get a fucking penny from me again, ever. You cant be serious? Or maybe you are just new to the internet and data protection. Yes, I'm serious and it's fucking bullshit that they can't keep our information secure, it's about money and the lowest bidder. Who the fuck do you think compromises the majority of credit card fraud? The fucking people that handle the transactions, smart ass. |
|
Quoted:
Actually it's worse then simple credit card theft. Our drivers drivers license had our SS# License # on it. Now this stuff is out there and can do real damage. It's kinda ridiculous we needed to upload it to a website. Aim is the only site i have ever had to do this with. And they apparently didn't kept this information secure or think it was important enough to keep extra safe. One year of credit monitoring is a joke. This information is out there and i can't just change it like a credit card number. View Quote Ohio hasn't had a SS# on our drivers license in what 15+ years? Did you send them a copy of a 15 + year old expired license or something? |
|
My account info no longer has a scanned picture of my drivers license.
|
|
|
Quoted:
Same here. I appreciate them doing this proactively. Also, no one really knows what happened yet and if AIM's reputation is anything to go on it isn't because of negligence. View Quote View All Quotes View All Quotes Quoted:
Quoted:
My account info no longer has a scanned picture of my drivers license. Same here. I appreciate them doing this proactively. Also, no one really knows what happened yet and if AIM's reputation is anything to go on it isn't because of negligence. It has every fucking thing to do with their negligence. This is bullshit and they fucked up big time |
|
They are deleting Facebook posts about it as well. Classic arms style. My wallet will be happy I will never order from them again. They will lock this thread down shortly I'm guessing.
|
|
Quoted:
This shit happens to all companies and even the feds. I'm sure AIM was doing what they could and it wasn't just because they were cheaping out on security. View Quote I think the problem is the fact that this information (drivers license image) isn't technically required for ammunition purchases in the first place (and certainly not indefinite storage of those documents). If you choose to put additional company requirements in place over and above what the law requires, it is your responsibility as a company to keep that information secured. There are plenty of reputable dealers that do not require photo image submission and it looks like AIM really dropped the ball on this. I'll take responsibility in that I chose to do business with AIM and voluntarily shared that information with them. That being said, the only reason I considered uploading the "required" information was because I thought AIM had a handle on it based on their excellent customer service record. Now I'm sorry I made an exception. |
|
Quoted:
WTF! Yea, I got a letter today, among all of the other shit going on, I can't believe in this day and age business' are still being reactive instead of proactive. Oh yea, you'll never get a fucking penny from me again, ever. View Quote My card got ripped off at a grocery store and I still shop there. My card got ripped off at Home Depot and I still shop there. It's part of life in the internet age, get over it. |
|
Quoted:
My card got ripped off at a grocery store and I still shop there. My card got ripped off at Home Depot and I still shop there. It's part of life in the internet age, get over it. View Quote View All Quotes View All Quotes Quoted:
Quoted:
WTF! Yea, I got a letter today, among all of the other shit going on, I can't believe in this day and age business' are still being reactive instead of proactive. Oh yea, you'll never get a fucking penny from me again, ever. My card got ripped off at a grocery store and I still shop there. My card got ripped off at Home Depot and I still shop there. It's part of life in the internet age, get over it. If your driver's license was ripped off at a grocery store because a store worker left it sitting around for somebody to find, would you still shop there? |
|
Quoted:
I think the problem is the fact that this information (drivers license image) isn't technically required for ammunition purchases in the first place (and certainly not indefinite storage of those documents). If you choose to put additional company requirements in place over and above what the law requires, it is your responsibility as a company to keep that information secured. There are plenty of reputable dealers that do not require photo image submission and it looks like AIM really dropped the ball on this. I'll take responsibility in that I chose to do business with AIM and voluntarily shared that information with them. That being said, the only reason I considered uploading the "required" information was because I thought AIM had a handle on it based on their excellent customer service record. Now I'm sorry I made an exception. View Quote View All Quotes View All Quotes Quoted:
Quoted:
This shit happens to all companies and even the feds. I'm sure AIM was doing what they could and it wasn't just because they were cheaping out on security. I think the problem is the fact that this information (drivers license image) isn't technically required for ammunition purchases in the first place (and certainly not indefinite storage of those documents). If you choose to put additional company requirements in place over and above what the law requires, it is your responsibility as a company to keep that information secured. There are plenty of reputable dealers that do not require photo image submission and it looks like AIM really dropped the ball on this. I'll take responsibility in that I chose to do business with AIM and voluntarily shared that information with them. That being said, the only reason I considered uploading the "required" information was because I thought AIM had a handle on it based on their excellent customer service record. Now I'm sorry I made an exception. +1 my thoughts exactly, I'm going to be taking my business elsewhere from now on |
|
Quoted:
So if you did not receive a letter you don't have anything to worry about? View Quote View All Quotes View All Quotes Quoted:
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. So if you did not receive a letter you don't have anything to worry about? Well, we're waiting. Kind of odd that AIM only has one post about this whole issue. |
|
Quoted:
Well, we're waiting. Kind of odd that AIM only has one post about this whole issue. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. So if you did not receive a letter you don't have anything to worry about? Well, we're waiting. Kind of odd that AIM only has one post about this whole issue. They might still be working with their security firm/law enforcement about it. |
|
My card was charged $1800 Euro's in Paris18 hours after ordering from Widener's. That was the last time I shopped there.
I knew it was Widener's because the card was my piggy bank card, I only use it for gun related online purchases. the last transaction prior to the Widener's order was 4 months earlier. I haven't updated my address after I moved last year, should I call? The thing is I'm not sure if I ever uploaded my D/L. |
|
Quoted:
Well, we're waiting. Kind of odd that AIM only has one post about this whole issue. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
On April 4, 2016, AIM Inc received a report that an unauthorized person was able to gain access to certain images that had been uploaded to our website. We immediately conducted an investigation, engaged a leading security firm, and alerted law enforcement. We mailed letters to all individuals on Tuesday April 26th who were affected that explained what occurred, steps we took to prevent this from happening again, and contained an offer of credit monitoring. No payment or account information was affected. We regret that this occurred and are committed to continuously working to implement appropriate measures so that our customers enjoy their experience with us. So if you did not receive a letter you don't have anything to worry about? Well, we're waiting. Kind of odd that AIM only has one post about this whole issue. Exactly. I shouldn't have to find out if my personal info was potentially stolen through a random person posting on a forum about it. No email, forum post, message on their website or anything from aim. Seems like they're more worried about doing damage control, than being upfront about the extent of what happened. |
|
my understanding is on these data breach cases, things are not really black and white. It takes time to figure out what's going on, IF they can find out.
As many millions of others, my family was part of the Anthem data breach last year, they still didn't know what exactly happened. Data security is normally contracted out, and since law enforcement(assume FBI because it's interstate commerce) is involved, I'd bet they told everybody to shut the fuck up for now. |
|
Quoted:
My card was charged $1800 Euro's in Paris18 hours after ordering from Widener's. That was the last time I shopped there. I knew it was Widener's because the card was my piggy bank card, I only use it for gun related online purchases. the last transaction prior to the Widener's order was 4 months earlier. I haven't updated my address after I moved last year, should I call? The thing is I'm not sure if I ever uploaded my D/L. View Quote My card was compromised due to Wideners as well, haven't bought from them since. This has the potential to be a little more serious but I'm not going to turn my back on AIM. We all make mistakes. |
|
Quoted: It has every fucking thing to do with their negligence. This is bullshit and they fucked up big time View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: My account info no longer has a scanned picture of my drivers license. Same here. I appreciate them doing this proactively. Also, no one really knows what happened yet and if AIM's reputation is anything to go on it isn't because of negligence. It has every fucking thing to do with their negligence. This is bullshit and they fucked up big time Yeah, because of course they left the door wide open so hackers could get in. Holy shit people. Chill the fuck out and look at it objectively. EVERY time you use a credit card or shop online you run the risk of identity theft. Its the fucking reality of life in this day and age. |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.