User Panel
Question for anyone at AIM to answer
Have you deleted the uploads of our ID's or are they still stored somewhere? I would like to know the answer to this please. If you havent deleted the copies of our ID's i would like mine to be deleted ASAP I realize its too late after the breach, but i dont want my ID floating around on your computers somewhere in case something like this happens in the future. Thank you- |
|
Quoted:
They sent out the fucking letters because it's a fucking requirement to send your fucking customers letters when there's a fucking info breach. I'd be willing to bet that not one fucking Arfcommer loses a fucking dime from this. As a victim of the OPM security breach, this is minor in the scale of info breaches. In today's world where hackers can hack into governments and bank, it's pretty damn smart to already have a monitoring service in place. Most of us buy safes to protect our guns from thieves, but few buy services to safeguard their identity and credit. It's a new world and shit happens. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
If I get a problem, I'll be expecting them to pay whatever the cost to make it right. I imagine right now they are working with their lawyers trying to cover their ass so they will not have to. That is what I think the reason is for not responding. It looks as if they don't want to be forced to take responsibility for their mistake. Ding, ding this guy understands Yeah, they totally don't want to take responsibility. That's why they sent out the fucking letters... The stupidity of some people never ceases to amaze me. They sent out the fucking letters because it's a fucking requirement to send your fucking customers letters when there's a fucking info breach. I'd be willing to bet that not one fucking Arfcommer loses a fucking dime from this. As a victim of the OPM security breach, this is minor in the scale of info breaches. In today's world where hackers can hack into governments and bank, it's pretty damn smart to already have a monitoring service in place. Most of us buy safes to protect our guns from thieves, but few buy services to safeguard their identity and credit. It's a new world and shit happens. If your post was directed at me, then your sarcasm meter is completely broken. Look up a few quote blocks at what I made red... My point was that they're obviously owning up to the problem, otherwise they wouldn't have sent the letters in the first place. They could just as easily have played dumb and pretended like nothing happened. As I've said more than once, AIM is good people and shit happened. It isn't the first time in history and it certainly won't be the last. |
|
I deleted my ID off their site months ago but I still got the letter yesterday
|
|
Hurry up and list some awesome surplus while everyone is mad at you so I actually have a chance to buy something before it all sells out .
|
|
|
This is why the ID's upload thing is utter bullshit.
I'd be hesitant to give them my business again. |
|
Is the letter asking people to file their own police report or what actions are being done on behalf of those impacted?
|
|
The letter I received stated that my DL was compromised, and that they would give me a free one year period on a credit thing. I'm not too worried about it honestly. My DL has my address, DOB, and DL #. If no CC information was stolen, then I'm not really concerned. I was more worried about the home depot thing a few years ago, considering how much I spend there, and the fact that my payment information was compromised.
I'm just going to contact the local law enforcement and file a report. That's all you can really do in GA until someone actually tries to use your info for something criminal. Then you have something showing what happened prior to criminal activity. |
|
Quoted:
The letter I received stated that my DL was compromised, and that they would give me a free one year period on a credit thing. I'm not too worried about it honestly. My DL has my address, DOB, and DL #. If no CC information was stolen, then I'm not really concerned. I was more worried about the home depot thing a few years ago, considering how much I spend there, and the fact that my payment information was compromised. I'm just going to contact the local law enforcement and file a report. That's all you can really do in GA until someone actually tries to use your info for something criminal. Then you have something showing what happened prior to criminal activity. View Quote Will they even file a police report if nothings been done though? |
|
I received my letter on Saturday. Today I got three pieces of mail delivered to my address, but with the names:
TUAN NGUYEN AMERICAN EXPRESS CHRISTINE PHAN AMERICAN EXPRESS NHI PHAN AMERICAN EXPRESS All the mail is identical and has to do with a notice of a class action lawsuit against Sony for a "Lithium Ion Batteries Antitrust Litigation" The kind of notice that informs you that you may or may not benefit from the suit and gives you the run down on what it is all about. Wonder if this has anything to do with the breach? Mav |
|
Quoted:
Got my letter today, I am not all that pissed. Shit happens. View Quote Same. I uploaded mine years ago but never actually bought anything that required it. The people that are getting all pissed off need to never shop online or use anything but cash in person as data breaches are a part of life now. If you didn't want it happen ever then you shouldn't have uploaded your license. When government agencies with an unlimited budget aren't immune how can you expect AIM to be impervious to attack? |
|
Well, got a letter in the mail from AIM. I'm quite upset by this and I doubt I'll buy anything from them again. Now I've gotta go pull a credit report. Fuck.
|
|
|
I called the the AIM data breech hotline. I had a few specific question. I verified that my Drivers License info had been compromised. I asked about my O3 FFL since It was an uploaded image. They did not have a satisfactory answer for me. I want to know exactly what was compromised. AIM can you confirm it was just Drivers License. Someone now has documentation on me and you with sensitive information and our address. It would have been 100% better if they got a hold of credit card info, your bank cancels the card and sends you a new one no muss no fuss. The state will not cancel your Drivers License and send you a new one and now someone has your address with a pretty good idea that you own firearms and ammo. Will AIM provide a security alarm system to protect my house, no I don't think so. The issue here is once someone verify their age it should be indicated on the account and not stored on a server that can be accessed from the internet. Aim stated to me that they have to keep the age verification information on file. Once verified the monkey is off of AIMS back. When you store sensitive information you have a duty to secure it. I know because I deal with HIPPA and other very sensitive info on a daily basis compiling and completing reports. My company is ultra strict even down shredding everything. The big question I would like to see answered is did the breech affect Just DL or did it include FFL info. I am not saying I will not shop at AIM anymore, But I am saying I will not buy ammo if this policy stays in effect and I will now snail mail my 03 FFL info if i send it at all. I am nowhere near pissed off, things happen, I am just really concerned.
|
|
|
Quoted:
Some older licenses did have the SS# and since it appears that older/ expired documents were not purged, that is a real concern for some folks. Also, this breach was apparently not limited to drivers licenses - according to the letter, it included other uploaded images such as FFLs and firearm permits. Beyond the identity theft concerns, those documents working together could make a pretty good list of names and addresses of gun owners with disposable income. Not exactly the kind of information you want floating around in one conveniently assembled package, especially if the thief knows what it is and where it came from (which is a pretty safe bet). View Quote View All Quotes View All Quotes Quoted:
Quoted:
Serious question - what good does a copy of someone's license do without a SS#? In other words, unless your credit card info or SS# was compromised, why would a copy of your license (which contains none of this info) be such a huge threat? Some older licenses did have the SS# and since it appears that older/ expired documents were not purged, that is a real concern for some folks. Also, this breach was apparently not limited to drivers licenses - according to the letter, it included other uploaded images such as FFLs and firearm permits. Beyond the identity theft concerns, those documents working together could make a pretty good list of names and addresses of gun owners with disposable income. Not exactly the kind of information you want floating around in one conveniently assembled package, especially if the thief knows what it is and where it came from (which is a pretty safe bet). This is exactly what I was getting at. This could be really bad. |
|
Quoted:
Same. I uploaded mine years ago but never actually bought anything that required it. The people that are getting all pissed off need to never shop online or use anything but cash in person as data breaches are a part of life now. If you didn't want it happen ever then you shouldn't have uploaded your license. When government agencies with an unlimited budget aren't immune how can you expect AIM to be impervious to attack? View Quote View All Quotes View All Quotes Quoted:
Quoted:
Got my letter today, I am not all that pissed. Shit happens. Same. I uploaded mine years ago but never actually bought anything that required it. The people that are getting all pissed off need to never shop online or use anything but cash in person as data breaches are a part of life now. If you didn't want it happen ever then you shouldn't have uploaded your license. When government agencies with an unlimited budget aren't immune how can you expect AIM to be impervious to attack? AIMs database being compromised isn't the reason most people are pissed off. You're right, shit happens. Any body can get hacked. However, storing copies of customers DL's and other personal documents on an externally accessible device for YEARS after they've served their purpose is unacceptable. The irony here is all the people supporting AIM by saying "it can happen to anyone"... all that does is underline the point that copies of customers DL's, etc, should have been destroyed as soon as they were verified. Or at least moved to some type of system that is not externally accessible. Storing years worth of that kind of information when simple age verification should only take about 10 seconds is just a horrible practice, at best. I'm not saying the people at AIM are bad people, but they f***ed up, no way around it. |
|
|
Meh. Shit happens, i'm not worried, and AIM has been damn fucking good to me these last few years, i'll still be a customer when i'm old and gray.
And you best believe when the Hillary Panic starts, that i'll be hanging out at the nightly rally point again, scoring ammo when most guys are cryin' into their beers. GMP FTMFW bitchez. |
|
Quoted:
I won't be doing business with them any more. I got a letter today. View Quote View All Quotes View All Quotes Quoted:
Quoted:
This is why the ID's upload thing is utter bullshit. I'd be hesitant to give them my business again. I won't be doing business with them any more. I got a letter today. Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. |
|
Quoted:
Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
This is why the ID's upload thing is utter bullshit. I'd be hesitant to give them my business again. I won't be doing business with them any more. I got a letter today. Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. |
|
Quoted:
Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
This is why the ID's upload thing is utter bullshit. I'd be hesitant to give them my business again. I won't be doing business with them any more. I got a letter today. Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. Pretty sure there are Federal regulations that require anyone that collects PII to properly secure it from disclosure to include encryption. This is what they are really worried about. Heavy fines and or jail time, because they goofed up and didn't follow proper procedures. |
|
I have worked in IT Security on the Infrastructure side for many years. There are three types of Internet facing companies:
Those that have been compromised, informed their customers, and have taken appropriate measures to once again secure their data (data in transit and data at rest). Those that have been compromised and have attempted to contain the collateral damage without informing the general public. Those that have been compromised and don't even know it because they do not have the skill set or technology to discover the breach. |
|
Quoted:
Well, got a letter in the mail from AIM. I'm quite upset by this and I doubt I'll buy anything from them again. Now I've gotta go pull a credit report. Fuck. View Quote You get a free copy when you sign up for the id protect on the back of the paper. This happens all the time I just ordered again the other day. I'd put most of the blame on the server company if they told AIM what type of protection was offered and it differed from what they got. Either way I'm pissed it happened, but nothing can be done except being vigilant as of now I guess. |
|
Got my letter today!
Little pissed, but it's the internet and not completely AIMs fault. I made another order from them just over the weekend. Maybe my loyalty will be rewarded! |
|
got my letter......I will not be doing business with AIM again!!!
until I have more money...I am sorta broke right now. When will you guys be getting more C&Rs? :) I need me some more C&Rs |
|
Quoted:
AIMs database being compromised isn't the reason most people are pissed off. You're right, shit happens. Any body can get hacked. However, storing copies of customers DL's and other personal documents on an externally accessible device for YEARS after they've served their purpose is unacceptable. The irony here is all the people supporting AIM by saying "it can happen to anyone"... all that does is underline the point that copies of customers DL's, etc, should have been destroyed as soon as they were verified. Or at least moved to some type of system that is not externally accessible. Storing years worth of that kind of information when simple age verification should only take about 10 seconds is just a horrible practice, at best. I'm not saying the people at AIM are bad people, but they f***ed up, no way around it. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Got my letter today, I am not all that pissed. Shit happens. Same. I uploaded mine years ago but never actually bought anything that required it. The people that are getting all pissed off need to never shop online or use anything but cash in person as data breaches are a part of life now. If you didn't want it happen ever then you shouldn't have uploaded your license. When government agencies with an unlimited budget aren't immune how can you expect AIM to be impervious to attack? AIMs database being compromised isn't the reason most people are pissed off. You're right, shit happens. Any body can get hacked. However, storing copies of customers DL's and other personal documents on an externally accessible device for YEARS after they've served their purpose is unacceptable. The irony here is all the people supporting AIM by saying "it can happen to anyone"... all that does is underline the point that copies of customers DL's, etc, should have been destroyed as soon as they were verified. Or at least moved to some type of system that is not externally accessible. Storing years worth of that kind of information when simple age verification should only take about 10 seconds is just a horrible practice, at best. I'm not saying the people at AIM are bad people, but they f***ed up, no way around it. Hindsight. I don't remember seeing you or anyone else on here telling them they shouldn't be storing DL's or other documents. It is easy to sound really smart about it now, but how smart were you about it before the breach became public knowledge? I know I didn't give it a thought before all of this. |
|
Quoted:
I have worked in IT Security on the Infrastructure side for many years. There are three types of Internet facing companies: Those that have been compromised, informed their customers, and have taken appropriate measures to once again secure their data (data in transit and data at rest). Those that have been compromised and have attempted to contain the collateral damage without informing the general public. Those that have been compromised and don't even know it because they do not have the skill set or technology to discover the breach. View Quote Once again that is beside the point. This has nothing to do with the fact that they were compromised. It's all in how they handled the data. Working in IT, how can you not see that? |
|
Quoted:
Hindsight. I don't remember seeing you or anyone else on here telling them they shouldn't be storing DL's or other documents. It is easy to sound really smart about it now, but how smart were you about it before the breach became public knowledge? I know I didn't give it a thought before all of this. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Got my letter today, I am not all that pissed. Shit happens. Same. I uploaded mine years ago but never actually bought anything that required it. The people that are getting all pissed off need to never shop online or use anything but cash in person as data breaches are a part of life now. If you didn't want it happen ever then you shouldn't have uploaded your license. When government agencies with an unlimited budget aren't immune how can you expect AIM to be impervious to attack? AIMs database being compromised isn't the reason most people are pissed off. You're right, shit happens. Any body can get hacked. However, storing copies of customers DL's and other personal documents on an externally accessible device for YEARS after they've served their purpose is unacceptable. The irony here is all the people supporting AIM by saying "it can happen to anyone"... all that does is underline the point that copies of customers DL's, etc, should have been destroyed as soon as they were verified. Or at least moved to some type of system that is not externally accessible. Storing years worth of that kind of information when simple age verification should only take about 10 seconds is just a horrible practice, at best. I'm not saying the people at AIM are bad people, but they f***ed up, no way around it. Hindsight. I don't remember seeing you or anyone else on here telling them they shouldn't be storing DL's or other documents. It is easy to sound really smart about it now, but how smart were you about it before the breach became public knowledge? I know I didn't give it a thought before all of this. Get out of here with your logic and common sense. Ain't nobody got time fo dat! The lynch mob isn't finished bitching yet! |
|
|
Quoted:
I called the the AIM data breech hotline. I had a few specific question. I verified that my Drivers License info had been compromised. I asked about my O3 FFL since It was an uploaded image. They did not have a satisfactory answer for me. I want to know exactly what was compromised. AIM can you confirm it was just Drivers License. Someone now has documentation on me and you with sensitive information and our address. It would have been 100% better if they got a hold of credit card info, your bank cancels the card and sends you a new one no muss no fuss. The state will not cancel your Drivers License and send you a new one and now someone has your address with a pretty good idea that you own firearms and ammo. Will AIM provide a security alarm system to protect my house, no I don't think so. The issue here is once someone verify their age it should be indicated on the account and not stored on a server that can be accessed from the internet. Aim stated to me that they have to keep the age verification information on file. Once verified the monkey is off of AIMS back. When you store sensitive information you have a duty to secure it. I know because I deal with HIPPA and other very sensitive info on a daily basis compiling and completing reports. My company is ultra strict even down shredding everything. The big question I would like to see answered is did the breech affect Just DL or did it include FFL info. I am not saying I will not shop at AIM anymore, But I am saying I will not buy ammo if this policy stays in effect and I will now snail mail my 03 FFL info if i send it at all. I am nowhere near pissed off, things happen, I am just really concerned. View Quote you clearly get it.. I had my CC compromised once... I could care less.. filed a report canceled the card.. refund from CC company.. moved on.. no issue.. nothing like being identified by god only knows who as a gun owner, location plotted on a map to a bunch of guns and ammo.. not happy.. |
|
Quoted:
Hindsight. I don't remember seeing you or anyone else on here telling them they shouldn't be storing DL's or other documents. It is easy to sound really smart about it now, but how smart were you about it before the breach became public knowledge? I know I didn't give it a thought before all of this. View Quote View All Quotes View All Quotes Quoted:
Hindsight. I don't remember seeing you or anyone else on here telling them they shouldn't be storing DL's or other documents. It is easy to sound really smart about it now, but how smart were you about it before the breach became public knowledge? I know I didn't give it a thought before all of this. That's a ridiculous argument on so many levels I'm not even going to entertain it. Its common sense. Perhaps I should have drove to their office and audited their policies and data storage methods? Not sure how you could possibly blame a customer for a company unnecessarily storing personal information YEARS past its usefulness, then losing it Quoted:
Get out of here with your logic and common sense. Ain't nobody got time fo dat! The lynch mob isn't finished bitching yet! I don't think 'logic' and 'common sense' mean what you think they do... ETA: I never said I wouldn't shop with AIM ever again, all I said is they f***ed up. But I certainly won't be uploading any more files. |
|
Quoted: Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: Quoted: This is why the ID's upload thing is utter bullshit. I'd be hesitant to give them my business again. I won't be doing business with them any more. I got a letter today. Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. And then everyone flips a tit that they have to upload the SAME information for EVERY order. "Isn't there a way they can just keep it on file?" |
|
Quoted:
And then everyone flips a tit that they have to upload the SAME information for EVERY order. "Isn't there a way they can just keep it on file?" View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
This is why the ID's upload thing is utter bullshit. I'd be hesitant to give them my business again. I won't be doing business with them any more. I got a letter today. Then you're not doing business with these companies either? They also had data breaches. Ebay Chase Home Depot Dairy Queen Target Sony Blue Cross Jimmy Johns Staples P.F. Chang's T-Moble Experian TJ Maxx Ashley Madison Widener's Yep, we'll teach AIM a lesson alright! Personally, I'll continue to order. I was hit by the OPM breach and smart enough to have credit monitoring already in place. Blaming AIM is the same as blaming any crime victim. I rather doubt there was anything AIM could have done to prevent this. The fact they are offering a free 1yr monitoring program, shows they have integrity. Shit happens and AIM has taken steps to resolve it. Yes there is something AIM could have done, they could have not stored years worth of customers DL's (and whatever else) when they could have just been verified and destroyed.. And then everyone flips a tit that they have to upload the SAME information for EVERY order. "Isn't there a way they can just keep it on file?" Once again it's not so black and white. Customer uploads the image once, AIM verifes age, then deletes the document, and checks a box on the order to "confirmed age", off you go. That said, I do not buy that only the images were what got hacked. My brother got a letter but he never ordered ammo so he didn't have to verify age. |
|
The whole one year of credit monitoring is a joke to me. The information they let get out there isn't going to change in 366 days. They compromised my information for life and for them to say that payment information was not compromised has me waving the BS flag. So you're telling me that my payment info was secure but nothing else was? My future business will be determined by how this is all handled and whether or not I feel like AIM is being upfront with what's going on with their customers and keeping them informed.
|
|
Quoted:
And then everyone flips a tit that they have to upload the SAME information for EVERY order. "Isn't there a way they can just keep it on file?" View Quote Are you actually being serious or are you just screwing with me? Try to follow... when someone uploads their drivers license, an AIM employee may then validate said persons account and change it to a "verified" status. After that the copy of the drivers license maybe destroyed. There is NO REASON to repeatedly upload OR maintain a drivers license on file... |
|
Learned a few things today when I called the AIM Help Desk and asked some questions:
1) I asked how long have they been storing images and they told me their mage storage came online in July of 2010 but I could swear they were asking for DL's even before then? 2) I also asked if I should contact my local police depart to report the theft. They said I can if I wanted to but that the FBI and ATF have already begun an investigation. Good Luck, everyone. |
|
I'm glad I have credit monitoring through another company, as the one in the letter doesn't seem to be that great. I went to their website to compare, and it was down for maintenance...
AIM, not for nothing, but for someone that didn't even purchase ammo from you (7.62x54mm went out of stock before I got to it), I'm pissed. When I uploaded my info, I figured it would be confirmed, then destroyed. Guess not. You had me annoyed with not allowing stripped AR lowers to NJ FFLs, this sealed the deal that I'll never buy from you again. And also, your letter was wrong; NJ D/Ls have more than just name and D/L number. More of my info was compromised than just those two things (good thing it wasn't SSN). |
|
Quoted:
I'm glad I have credit monitoring through another company, as the one in the letter doesn't seem to be that great. I went to their website to compare, and it was down for maintenance... AIM, not for nothing, but for someone that didn't even purchase ammo from you (7.62x54mm went out of stock before I got to it), I'm pissed. When I uploaded my info, I figured it would be confirmed, then destroyed. Guess not. You had me annoyed with not allowing stripped AR lowers to NJ FFLs, this sealed the deal that I'll never buy from you again. And also, your letter was wrong; NJ D/Ls have more than just name and D/L number. More of my info was compromised than just those two things (good thing it wasn't SSN). View Quote Yup, I'm in NJ too they took a lot more than a DL. Fuck AIM. |
|
I just heard back from Aim looks like they got my FFL info also. I am going to contact my attorney and talk this over with him . This type of negligence is inexcusable. If you had FFL information uploaded to AIM's website I suggest you contact the ATF yourself to cover your 6 in case something bad happens out of this.
What is the full extent of this breach, I would appreciate the full honest truth on the matter? |
|
I had an 03 FFL uploaded to the site. It expired in January of this this year but I have not received any kind of communication from AIM.
I already have credit monitoring from the OPM hack but am kind of curious why I haven't heard from AIM. I'm more concerned about my address being out there more than anything. I haven't read the whole thread but have they responded other than the original canned message? |
|
There is sporadic information through out this thread. Get a cold drink and set down and go through it.
|
|
bryan
serious suggestion here while youre going to all of the work of getting your website fixed/secured, could you PLEASE add a drop down menu to show the often cheaper USPS shipping charges instead of just the high UPS rates ? you guys dont realize the amount of business you lose because people think shipping is too high the new customers you gain would offset those you are losing due to this breach ! |
|
if Rackspace was hosting the site it would probably not be their fault. My thinking is the that is will be the web developer and ultimately will be AIM's responsibility. They would have contracted with the web developer who configured the site. Rackspace is very good at what they do and my bet is they assisted and helped find the hole. PCI guidelines require that Card number be encrypted if stored and that no one can see the whole card number except those designated by management. This should be built in to the application. They are not allowed to store the CCV number at all. It is possible that they hand off the card approval process to another vender which means the cards are not stored. My opinion is that AIM should have done everything in their power to protect any private information and that it should have been secured and or encrypted.
I would like to see AIM step up and say something about this. I also understand they have to figure out what and how it happened. Personally I would like to know what happened as I had some documents there as well. I am not as concerned about credit as much as I am that someone now has my address and my C&R. Last thing I want is for that to be published. Whether I do business with AIM again will depend on how they handle this. I was going to place an order this weekend until I found the threads about the security event. Finestkind |
|
|
Quoted:
Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! View Quote View All Quotes View All Quotes Quoted:
Quoted:
There is sporadic information through out this thread. Get a cold drink and set down and go through it. Sroy, IMHO this is what we all need to keep track of to see if any us get "hacked/scammed" so we can alert the FBI/ATF. TY for sharing! I got an alert from Microsoft Account team about "Unusual sign-in activity" on April 15 that someone was attempting to sign into my Hotmail account. |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.