User Panel
Quoted:
You knew they had it did you know they were not protecting it? But hey if that is cool with you then send me your DL, SS and savings account info..... Trust me. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
It doesn't matter how strong or complex your security system is. If a scumbag has experience/time, he will get in. All you can really do is make things as secure as possible, and have a plan to mitigate/compensate for any damages. What If: -An HRC/Antigun/MDA/Bloomberg crony hacks/compromises the site. -People throw a temper tantrum and boycott Aim Surplus because they were compromised. -Aim loses business/money even though they offer a year of free credit watch. What if: this is all the asshole wanted to do. I had my FOID card on file. But honestly with all the trades/sales I've done online. How do I know if a FFL out there didn't decide to sell my information? It's not like it had my social. But it still had my picture, height, weight, address, and birth date. I've had my amazon account get hacked before. Did I stop using them? Nope; they made things right and cancelled any fraudulent purchases. These things happen out of nowhere. I use adblock, noscript, a firewall, and I don't go to questionable websites. Yet despite all that I still got hit. Cut Aim some slack. No matter what they should never had DL info unprotected, they could have deleted that info once age was confirmed, they could have stored DL info on an external server or just simply marked the account verified. They kept the info to give to the .gov and that is why we are all screwed. I can't get mad at them for that. I knew they had it. Hindsight is amazing, and I'm glad you are enjoying it. You knew they had it did you know they were not protecting it? But hey if that is cool with you then send me your DL, SS and savings account info..... Trust me. Truthfully I had no idea that images, dls, etc were not protected. Why the hell wouldn't that data be encrypted? |
|
Quoted:
You knew they had it did you know they were not protecting it? But hey if that is cool with you then send me your DL, SS and savings account info..... Trust me. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
It doesn't matter how strong or complex your security system is. If a scumbag has experience/time, he will get in. All you can really do is make things as secure as possible, and have a plan to mitigate/compensate for any damages. What If: -An HRC/Antigun/MDA/Bloomberg crony hacks/compromises the site. -People throw a temper tantrum and boycott Aim Surplus because they were compromised. -Aim loses business/money even though they offer a year of free credit watch. What if: this is all the asshole wanted to do. I had my FOID card on file. But honestly with all the trades/sales I've done online. How do I know if a FFL out there didn't decide to sell my information? It's not like it had my social. But it still had my picture, height, weight, address, and birth date. I've had my amazon account get hacked before. Did I stop using them? Nope; they made things right and cancelled any fraudulent purchases. These things happen out of nowhere. I use adblock, noscript, a firewall, and I don't go to questionable websites. Yet despite all that I still got hit. Cut Aim some slack. No matter what they should never had DL info unprotected, they could have deleted that info once age was confirmed, they could have stored DL info on an external server or just simply marked the account verified. They kept the info to give to the .gov and that is why we are all screwed. I can't get mad at them for that. I knew they had it. Hindsight is amazing, and I'm glad you are enjoying it. You knew they had it did you know they were not protecting it? But hey if that is cool with you then send me your DL, SS and savings account info..... Trust me. How do you know they had no security? You think protection stops all hackers? Like a lock on a door stops all burglars? Businesses large and small, even with extensive security, sometimes get hacked. It happens. |
|
As a longtime Aim surplus customer I never understood why Aim Surplus needed my ID to buy ammo.
This is why it's not a good idea to go above what the law requires. |
|
Quoted:
How do you know they had no security? You think protection stops all hackers? Like a lock on a door stops all burglars? Businesses large and small, even with extensive security, sometimes get hacked. It happens. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
It doesn't matter how strong or complex your security system is. If a scumbag has experience/time, he will get in. All you can really do is make things as secure as possible, and have a plan to mitigate/compensate for any damages. What If: -An HRC/Antigun/MDA/Bloomberg crony hacks/compromises the site. -People throw a temper tantrum and boycott Aim Surplus because they were compromised. -Aim loses business/money even though they offer a year of free credit watch. What if: this is all the asshole wanted to do. I had my FOID card on file. But honestly with all the trades/sales I've done online. How do I know if a FFL out there didn't decide to sell my information? It's not like it had my social. But it still had my picture, height, weight, address, and birth date. I've had my amazon account get hacked before. Did I stop using them? Nope; they made things right and cancelled any fraudulent purchases. These things happen out of nowhere. I use adblock, noscript, a firewall, and I don't go to questionable websites. Yet despite all that I still got hit. Cut Aim some slack. No matter what they should never had DL info unprotected, they could have deleted that info once age was confirmed, they could have stored DL info on an external server or just simply marked the account verified. They kept the info to give to the .gov and that is why we are all screwed. I can't get mad at them for that. I knew they had it. Hindsight is amazing, and I'm glad you are enjoying it. You knew they had it did you know they were not protecting it? But hey if that is cool with you then send me your DL, SS and savings account info..... Trust me. How do you know they had no security? You think protection stops all hackers? Like a lock on a door stops all burglars? Businesses large and small, even with extensive security, sometimes get hacked. It happens. Unless they had a need to permanently store the ID images, they shouldn't have been storing them. Once they used the images to verify the customers age, they should have updated their account info to mark it as verified, then delete the images. Storing years worth of customer ID images on a web connected server is just an accident waiting to happen. There is no amount of IT security effort that can protect everything 100% of the time.. so sensitive data that isn't needed anymore should just be destroyed. But realistically.. how much time, money, and effort did anyone expect AIM to put into something like this? lol Sure, in a perfect world, they'd go to great lengths to protect their data... but in reality, they (and every other vendor) are more worried about the bottom line and moving product. But then again.. I work in web development and deal with sensitive data. So I tend to think about this stuff I doubt many gun and ammo vendors put much thought into it. |
|
Quoted:
Quoted:
Quoted:
If I get a problem, I'll be expecting them to pay whatever the cost to make it right. I imagine right now they are working with their lawyers trying to cover their ass so they will not have to. That is what I think the reason is for not responding. It looks as if they don't want to be forced to take responsibility for their mistake. Ding, ding this guy understands Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. |
|
Quoted:
Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
If I get a problem, I'll be expecting them to pay whatever the cost to make it right. I imagine right now they are working with their lawyers trying to cover their ass so they will not have to. That is what I think the reason is for not responding. It looks as if they don't want to be forced to take responsibility for their mistake. Ding, ding this guy understands Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. How are they not taking responsibility? Did they not provide a service that would cost about 16 bucks a month for one year? Even if they got this at a discount, it is still a significant cost for them. I'd call that a pretty good step in taking responsibility, isn't it? What exactly do you differently at this point? I understand everyone is pissed. My DL was compromised, too. I'm not going to shit my pants over it until something worthy of it happens. In the mean time, I've taken advantage of their offer and looked at my credit info tonight. So far so good, and I don't have to throw away any underwear yet. Besides, I've had my DL stolen a couple of times over the years, and nothing came of it. Btw, read the terms of the service they provided. It appears to have pretty good coverage if something does happen. Again, how is that not taking responsibility? They didn't just say oops, sorry. You are SOL. They did something to help. My main criticism is the delay, but we aren't privy to the reasons for that. All I know is that as of right now, it doesn't appear the delay did any harm, at least to me. I hope the thieves look at my picture on the DL and say, "That guy is so ugly, we can't bear to take advantage of him." Hell, when they see it, they'll probably send me money out of pity. |
|
Received the letter today.
Would have been nice to offer a 50% off coupon or something. |
|
Quoted:
How are they not taking responsibility? Did they not provide a service that would cost about 16 bucks a month for one year? Even if they got this at a discount, it is still a significant cost for them. I'd call that a pretty good step in taking responsibility, isn't it? What exactly do you differently at this point? I understand everyone is pissed. My DL was compromised, too. I'm not going to shit my pants over it until something worthy of it happens. In the mean time, I've taken advantage of their offer and looked at my credit info tonight. So far so good, and I don't have to throw away any underwear yet. Besides, I've had my DL stolen a couple of times over the years, and nothing came of it. Btw, read the terms of the service they provided. It appears to have pretty good coverage if something does happen. Again, how is that not taking responsibility? They didn't just say oops, sorry. You are SOL. They did something to help. My main criticism is the delay, but we aren't privy to the reasons for that. All I know is that as of right now, it doesn't appear the delay did any harm, at least to me. I hope the thieves look at my picture on the DL and say, "That guy is so ugly, we can't bear to take advantage of him." Hell, when they see it, they'll probably send me money out of pity. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
If I get a problem, I'll be expecting them to pay whatever the cost to make it right. I imagine right now they are working with their lawyers trying to cover their ass so they will not have to. That is what I think the reason is for not responding. It looks as if they don't want to be forced to take responsibility for their mistake. Ding, ding this guy understands Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. How are they not taking responsibility? Did they not provide a service that would cost about 16 bucks a month for one year? Even if they got this at a discount, it is still a significant cost for them. I'd call that a pretty good step in taking responsibility, isn't it? What exactly do you differently at this point? I understand everyone is pissed. My DL was compromised, too. I'm not going to shit my pants over it until something worthy of it happens. In the mean time, I've taken advantage of their offer and looked at my credit info tonight. So far so good, and I don't have to throw away any underwear yet. Besides, I've had my DL stolen a couple of times over the years, and nothing came of it. Btw, read the terms of the service they provided. It appears to have pretty good coverage if something does happen. Again, how is that not taking responsibility? They didn't just say oops, sorry. You are SOL. They did something to help. My main criticism is the delay, but we aren't privy to the reasons for that. All I know is that as of right now, it doesn't appear the delay did any harm, at least to me. I hope the thieves look at my picture on the DL and say, "That guy is so ugly, we can't bear to take advantage of him." Hell, when they see it, they'll probably send me money out of pity. They sent out letters and gave out free credit protection because their lawyers told them that's what they needed to do. I would bet that if you have any problems you are going to have to drag their ass to court and then they will fight you tooth and nail. Being nice had nothing to do with their response to their blunder . |
|
Whatever their motive, even if told to do it by a blood sucking attorney, it was the right thing to do to offer ProtectMYID.
As far as "being nice," I've had communication with Bryan several times in the past. He was nice every time. His interaction on Arfcom has also indicated he was nice. He hasn't done anything to try and screw me yet, so I'm not going to turn on him until he does. I've said my piece and I respect those that disagree and feel they've been let down. Honestly, my first reaction included some very brief anger, so I understand. If I run into trouble over this situation, my perspective may change. As of now, I haven't been harmed and I've taken them up on their offer for the alert program. I just choose not to be eaten up by anger over it. |
|
We at AIM have a very unique relationship with our customers built on transparency, fairness and trust. For almost twenty years we have made it our priority to do things right. As much as we aim for perfection, we don’t always achieve that goal, but we will never compromise what is right.
Just over thirty days ago a incident occurred. Once confirmed, we immediately hired a cyber firm to investigate and perform technology forensics. We will make every effort to earn back any trust that has been lost by this incident. While it is still early in the process and difficult to answer all questions at this time, we would like to take the opportunity to respond to a few: - As soon as we became aware of the potential issue, we engaged a security firm to help us determine what occurred. We then turned to simultaneously working on correcting the issue, working to determine who was affected (which was a manual process), obtaining a credit monitoring package, preparing the letters, and setting up a call center. -- We have established a dedicated call center for this incident. We wanted to make sure we had accurate and reliable information to share as well as resources available to answer questions about preventative steps individuals can take. -- If you would like to know if you will be receiving a letter, email [email protected] -- Mailing letters is what is required in scenarios like this. It is a more reliable way of delivering the information to the right people, especially because people change email addresses and there are spam filters. |
|
Thanks, Bryan. I'll notify you through private channels if I discover any suspicious activity on my end. I hope everyone else does the same so that it may help ultimately identify and prosecute the perpetrator(s). So far, everything looks good, and I'll take this opportunity to publicly thank you for the protection service and I will take every precaution that was advised in the letter, and then some.
Those not affected should take advantage of this situation to get their credit check and be proactive in putting protections in place. It's a tough cyber-world out there. |
|
Thanks Bryan.
Shit happens. It's happened to me before, and I'm sure it will again. Thieves are gonna thieve. You've still got a customer here. |
|
Thanks for the response. I think people were getting a bit ansy due to the lack of comms and unanswered questions. I have not received a letter yet, so I guess wait about a week and if I don't get one, shoot you guys an email to double check.
I hope in the future the practice of keeping this information is reviewed. Perhaps uploaded onto a computer that isn't web connected at the end of each day, make paper copy's of the info and store in a filing cabinet after deleting the digital copy, or once the ID is verified destroy the digital copy and just mark the account verified by ID. You could also ask folks to mail in a photo copy of their ID and keep only hard copies in a filing cabinet. No digital issues there. I'm not quite sure why you guys require IDs in the 1st place since many vendors don't. A few posters mentioned it was due to a previous lawsuit by anti-gunners so I dunno. Not sure how legally binding something is from a civil judgement, but I'm no lawyer. |
|
Bryan, thank you for your reply. Anyone with a clue knows these things take time and you're limited on what you can say.
Can you clarify, that at this time, the only known compromised files are those that were uploaded through the website? (Edit My Account / Images) That's what it sounds like, but it would put a lot of minds at ease if it was clearly stated. Any concern for those that ordered a box of paper clips online? Or walked in the store 5 years/5 months/5 days ago and bought ammo? Basically make it clear that if you did not click the upload button on the website you have no concerns. |
|
I sent a scan of my driver's license for an ammo purchase because I presumed it was just a harmless hoop I had to jump through. Didn't think too hard about any risks.
For my own curiosity, Bryan, can you clarify the purpose of your requiring a DL image? I presumed it was only for age verification. Is that correct? |
|
Quoted:
I sent a scan of my driver's license for an ammo purchase because I presumed it was just a harmless hoop I had to jump through. Didn't think too hard about any risks. For my own curiosity, Bryan, can you clarify the purpose of your requiring a DL image? I presumed it was only for age verification. Is that correct? View Quote I would like to know this also. Why doesn't SGammo, Massammo, etc doesn't require this, are they breaking the law? |
|
Here is a thread Bryan posted in about two years ago verifying they were sued and as a result require ID.
https://www.ar15.com/archive/topic.html?b=2&f=217&t=244904 we actually got sued for not verifying the age of a ammo customer a few years back, now we require it.
Have a good weekend View Quote |
|
Quoted:
Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
If I get a problem, I'll be expecting them to pay whatever the cost to make it right. I imagine right now they are working with their lawyers trying to cover their ass so they will not have to. That is what I think the reason is for not responding. It looks as if they don't want to be forced to take responsibility for their mistake. Ding, ding this guy understands Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. They sent out the fucking letters because it's a fucking requirement to send your fucking customers letters when there's a fucking info breach. I'd be willing to bet that not one fucking Arfcommer loses a fucking dime from this. As a victim of the OPM security breach, this is minor in the scale of info breaches. In today's world where hackers can hack into governments and bank, it's pretty damn smart to already have a monitoring service in place. Most of us buy safes to protect our guns from thieves, but few buy services to safeguard their identity and credit. It's a new world and shit happens. |
|
My first thought when I got the letter: I wish it would've been a coupon. I can't use the credit protection on top of an existing freeze. Thanks OPM!!
My second thought when I got the letter: I still got a good price on the ammo when there was none available elsewhere. I'll still stick around as an AIM customer. Without getting into specifics, I've had far worse with two government agencies, two credit cards, and multiple retailers and hotel chains. But again, thanks OPM!! What the cybershits did to me because of OPM was good fun and didn't cost me a dime, just a little time. My credit is now locked up so tight my bank can't figure out how to work with Experian and Equifax to pull a credit report. Screw 'em though. Easy access to my credit is how they make their money. |
|
was hoping there was a coupon in the letter, too! lol
Quoted:
I will have some answers for you guys in a few View Quote Bryan - i had a chance to calm down a little after getting the letter last night, but i will tell you that I will not make a purchase with you guys again until i know my ID info is deleted from your servers and databases. After this fiasco i also expect to never be questioned about my age if/when i chose to purchase something from your site. If I am, I will simple upload a copy of the letter i received from you as proof. |
|
Deleted - waiting to see what Bryan has to say since he removed his earlier post.
|
|
I'm not paranoid like a lot of guys.
I don't think getting my identity or cc stolen is the end of the world because i've had my identity stolen once and cc stolen twice. Shit happens in the cyber world. It was a process but I took care of it fairly easily. BUT. I have never used aim because of the driver's license requirement and will continue not to use aim because of the driver's license requirement. It's moronic at best, shady and ill mannered at worst. Why on earth do they need that information? I can't think of a reason that i'm okay with. Period. I know a lot of businesses are moronic or shady. But if I know that before, I certainly don't use them. That dl thing just never sat well with me. This is coming from a business owner. I almost always see the businesses side of things. But not in the case. This is a ticking time bomb for a decade. |
|
Quoted:
Here is a thread Bryan posted in about two years ago verifying they were sued and as a result require ID. https://www.ar15.com/archive/topic.html?b=2&f=217&t=244904 View Quote View All Quotes View All Quotes Quoted:
Here is a thread Bryan posted in about two years ago verifying they were sued and as a result require ID. https://www.ar15.com/archive/topic.html?b=2&f=217&t=244904 we actually got sued for not verifying the age of a ammo customer a few years back, now we require it.
Have a good weekend Anyone know the result of the lawsuit? Win/lose? |
|
Quoted:
Anyone know the result of the lawsuit? Win/lose? View Quote View All Quotes View All Quotes Quoted:
Quoted:
Here is a thread Bryan posted in about two years ago verifying they were sued and as a result require ID. https://www.ar15.com/archive/topic.html?b=2&f=217&t=244904 we actually got sued for not verifying the age of a ammo customer a few years back, now we require it.
Have a good weekend Anyone know the result of the lawsuit? Win/lose? I'm not sure if hackers or lawyers are a bigger problem. Sounds like a catch-22 for AIM. I bought an ETS Glock magazine from AIM this morning for my Glock 19. I've been wanting to try one of these, anyway, so it gave me a way to put my money where my mouth is. Great price and free shipping. |
|
Just looked at another ammo site behind enemy lines, the DL thing isn't simply lawyer-proofing. It's apparently required by law in worker's paradises such as "Connecticut, New Jersey, New York, or Illinois". Unfortunately, AIM got lawyered into collecting DLs for all.
Actually, I've had more day-in-day-out problems with a hack on that other dealer than I believe that I will have with AIM's hack. This other place had their email list hacked. My junkmail folder and my filter folder related related to this hack is currently brimming with boner pill offers, hookup requests from Central Europe, floor cleaning offers, Schwans home delivery info, diet plan offers, wrinkle remover offers, and wifi security camera offers. Never had this spam problem on this specific email address until that site lost control of their email list ... and all the 'tards on it did reply-all's when we were all copied in the clear by one of the spammers. Of course, I am probably cursed now. Some illegal messican will be performing serial returns to Target, Worst Buy, We Be Toys, Home Despot, and etc. on my DL # since those place require a DL to return stuff. :) The retail rocket scientists won't be bothered to notice that Jose Garcia Rodriguez Martinez Hernandez is not the middle-aged, overweight white guy on the license card. |
|
Some of the posts here are golden.
I haven't bought gun stuff in awhile but AIM will still have my business should I need more ammo. Regardless of what AIM could or should have done, did any of you know that YOU had the ability to take down images from your own profile? |
|
Quoted:
We at AIM have a very unique relationship with our customers built on transparency, fairness and trust. For almost twenty years we have made it our priority to do things right. As much as we aim for perfection, we don’t always achieve that goal, but we will never compromise what is right. Just over thirty days ago a incident occurred. Once confirmed, we immediately hired a cyber firm to investigate and perform technology forensics. We will make every effort to earn back any trust that has been lost by this incident. While it is still early in the process and difficult to answer all questions at this time, we would like to take the opportunity to respond to a few: - As soon as we became aware of the potential issue, we engaged a security firm to help us determine what occurred. We then turned to simultaneously working on correcting the issue, working to determine who was affected (which was a manual process), obtaining a credit monitoring package, preparing the letters, and setting up a call center. -- We have established a dedicated call center for this incident. We wanted to make sure we had accurate and reliable information to share as well as resources available to answer questions about preventative steps individuals can take. -- If you would like to know if you will be receiving a letter, email [email protected] -- Mailing letters is what is required in scenarios like this. It is a more reliable way of delivering the information to the right people, especially because people change email addresses and there are spam filters. View Quote Bryan, I received a letter and I have order from you guys but it's been quite a while back that I ordered ammo. Is there any way to find out what image or data was in file that could have bern taken from my account profile? Thanks Wes |
|
If you did not receive a letter you don't have anything to worry about? Both my sons received letters yesterday and they sent their info in within the last 3yrs I did NOT receive one, miy info was sent 8 yrs ago or so.
|
|
I got a letter and I signed up for the free credit monitoring that AIM offered. I think that was a great way to handle a data breach, thanks!
|
|
I got a letter and I think I bought some ammo a few years ago. I just signed up for the credit protection so thank you AIM for doing that. I've since moved and have a different license than the one I uploaded but every little bit helps.
|
|
Maybe AIM should take a stance of not doing any business with people who have definitively voiced their opinion on boycotting them from now on. If you think that your information wasn't already floating around in cyberspace or that you were perfectly protected before this then you're quite ignorant IMO. I don't blame AIM at all. If someone wants in...they'll get it. If someone wants your info, SSN, State DL, address, phone #, IP address they'll get it eventually, that's the risks you take in today's digital world. User agreements and terms of service should be undated to reflect your actual vulnerability to any type of attack. Sorry
|
|
Quoted:
Maybe AIM should take a stance of not doing any business with people who have definitively voiced their opinion on boycotting them from now on. If you think that your information wasn't already floating around in cyberspace or that you were perfectly protected before this then you're quite ignorant IMO. I don't blame AIM at all. If someone wants in...they'll get it. If someone wants your info, SSN, State DL, address, phone #, IP address they'll get it eventually, that's the risks you take in today's digital world. User agreements and terms of service should be undated to reflect your actual vulnerability to any type of attack. Sorry View Quote Well I very cool with that. It would be nice if they would pay for litigation to correct the breach and make their loyal customers whole.. |
|
logged into my account and just to see, went to checkout a box of ammo. my uploaded "papers" are now gone and replaced with a series of checkboxes. much more acceptable.
|
|
|
Quoted:
Maybe AIM should take a stance of not doing any business with people who have definitively voiced their opinion on boycotting them from now on. If you think that your information wasn't already floating around in cyberspace or that you were perfectly protected before this then you're quite ignorant IMO. I don't blame AIM at all. If someone wants in...they'll get it. If someone wants your info, SSN, State DL, address, phone #, IP address they'll get it eventually, that's the risks you take in today's digital world. User agreements and terms of service should be undated to reflect your actual vulnerability to any type of attack. Sorry View Quote Well, bless your heart. Know how I know you don't own a successful business? "Blacklisting" customers for expressing anger or irritation when the company is at fault is a great way to put yourself out of business. As much as it must suck to be on the receiving end of the negative comments, the reality is that it is their fault so some kneejerk customer responses of the pissed-off variety should be expected. Once the heat and immediacy of the issue die down (and providing that AIM does everything they can to make it right), my guess is that many customers will ease off a little. Maybe some will come back, maybe they won't. You want to see a PR shitstorm? Start punishing customers for being angry that their personal information was mishandled. |
|
Quoted:
Well, bless your heart. Know how I know you don't own a successful business? "Blacklisting" customers for expressing anger or irritation when the company is at fault is a great way to put yourself out of business. As much as it must suck to be on the receiving end of the negative comments, the reality is that it is their fault so some kneejerk customer responses of the pissed-off variety should be expected. Once the heat and immediacy of the issue die down (and providing that AIM does everything they can to make it right), my guess is that many customers will ease off a little. Maybe some will come back, maybe they won't. You want to see a PR shitstorm? Start punishing customers for being angry that their personal information was mishandled. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Maybe AIM should take a stance of not doing any business with people who have definitively voiced their opinion on boycotting them from now on. If you think that your information wasn't already floating around in cyberspace or that you were perfectly protected before this then you're quite ignorant IMO. I don't blame AIM at all. If someone wants in...they'll get it. If someone wants your info, SSN, State DL, address, phone #, IP address they'll get it eventually, that's the risks you take in today's digital world. User agreements and terms of service should be undated to reflect your actual vulnerability to any type of attack. Sorry Well, bless your heart. Know how I know you don't own a successful business? "Blacklisting" customers for expressing anger or irritation when the company is at fault is a great way to put yourself out of business. As much as it must suck to be on the receiving end of the negative comments, the reality is that it is their fault so some kneejerk customer responses of the pissed-off variety should be expected. Once the heat and immediacy of the issue die down (and providing that AIM does everything they can to make it right), my guess is that many customers will ease off a little. Maybe some will come back, maybe they won't. You want to see a PR shitstorm? Start punishing customers for being angry that their personal information was mishandled. I was a victim of my states largest data breach. As I wasn't forced to provide the information that affected, I chose to supply it to someone who I thought would retain it securely. No one forced any customer to provide a copy of their state ID. The customer chose to supply it, in return they agreed to the terms of the sale. They could have gone elsewhere. Now for them to turn around and solely blame AIM for this is complete knee jerk yes. No one forced them to come here and complain and surely they didn't know before they were sent the letter advising them of the breech, and to still think that AIM somehow was negligent with their information is funny, they've gone through the same steps and process as any company would who want to retain their customer base would. It's not a punishment to customers it's capitalism, if you choose not to do business with someone who doesn't agree with your business model or terms you don't have to. Granted AIM is known for their exceptional service I doubt this will have lasting financial distress for them. I think if a customer was really worried they would make personal contact with AIM and not air out their anger on a forum where they remain anonymous and can bad mouth anyone they please. But again just my opinion. |
|
You'd think this AIM Surplus breach would be OPM x 10 based on the reactions on the interwebs.
|
|
Sad to hear the news... I look forward to continuing to do business with AimSurplus...
|
|
Quoted:
You'd think this AIM Surplus breach would be OPM x 10 based on the reactions on the interwebs. View Quote Pretty much, but most of the folks affected by the OPM breach are used to having their identity stolen. This has reached a bunch of virgins. That said, I'm more annoyed at the stupidity of hanging credentials on the internet than I am them being stolen. |
|
This shit happens, sucks but that is what the world has come to. To say it is Aim's fault is bs. It happens with a lot of companies/gov
Now get back to shipping orders out. |
|
|
Serious question - what good does a copy of someone's license do without a SS#?
In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? |
|
Quoted:
Aim, please answer this. I haven't received a letter yet, but my info has been uploaded to your site for years. View Quote View All Quotes View All Quotes Quoted:
Quoted:
In the letter it says certain images? What does that mean? That it was only a few people affected and you don't know who? Aim, please answer this. I haven't received a letter yet, but my info has been uploaded to your site for years. People who have foids. |
|
Quoted:
Serious question - what good does a copy of someone's license do without a SS#? In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? View Quote Someone could create a fake using your information and rack up tickets on your behalf. It's also halfway to getting a copy of your social security card. |
|
Quoted:
Someone could create a fake using your information and rack up tickets on your behalf. It's also halfway to getting a copy of your social security card. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Serious question - what good does a copy of someone's license do without a SS#? In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? Someone could create a fake using your information and rack up tickets on your behalf. It's also halfway to getting a copy of your social security card. |
|
Quoted: Someone could create a fake using your information and rack up tickets on your behalf. It's also halfway to getting a copy of your social security card. View Quote View All Quotes View All Quotes Quoted: Quoted: Serious question - what good does a copy of someone's license do without a SS#? In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? Someone could create a fake using your information and rack up tickets on your behalf. It's also halfway to getting a copy of your social security card. Nvm. |
|
Quoted:
What do you mean by pay for litigation to correct the breach? How exactly would that work? View Quote View All Quotes View All Quotes Quoted:
Well I very cool with that. It would be nice if they would pay for litigation to correct the breach and make their loyal customers whole..
What do you mean by pay for litigation to correct the breach? How exactly would that work? NVM |
|
Quoted:
Serious question - what good does a copy of someone's license do without a SS#? In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? View Quote Some older licenses did have the SS# and since it appears that older/ expired documents were not purged, that is a real concern for some folks. Also, this breach was apparently not limited to drivers licenses - according to the letter, it included other uploaded images such as FFLs and firearm permits. Beyond the identity theft concerns, those documents working together could make a pretty good list of names and addresses of gun owners with disposable income. Not exactly the kind of information you want floating around in one conveniently assembled package, especially if the thief knows what it is and where it came from (which is a pretty safe bet). |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.