Thanks for the heads up. Will do.

Edited to add;

They got us too. Cindy called our credit card company this morning, and there was an unauthorized charge made last night for around $200. Thanks so much for alerting us to this. We haven't received any word from Cornerstore yet.

So if you guys ever do business with Cornerstore, get on the horn now. I'd recommend getting a new card anyway.


Chris

Interesting...On their Customer Service page (CornerStoreComics & AmazingToyz :: shopping/customerservice :: Action Figures & Collectibles), their Customer Privacy Statement says:

CUSTOMER PRIVACY

Credit Card Information: It is worth mentioning again. Our Shopping Cart provider is VeriSign verified. Your credit card information is not stored in any online servers for your protection (and ours too, quite honestly).

...sooooo, exactly how did customer's Credit Card information get compromised...?

FYI

Securing your customers’ credit card information online is serious business. The Payment Card Industry Data Security Standard (PCI-DSS) came about as a collaboration between Visa, MasterCard, Discover and American Express to develop a single approach to safeguarding sensitive data.

Any business that deals with credit card data whether processing, transmitting, or storing it needs to abide by its rules. Your site must be approved and receive a certificate for PCI compliance. The deadline for Tier-1 processors has already passed, and all organizations must comply or pay fines by June 30, 2008. Businesses that are found to be out of compliance could have their credit card transaction privileges completely revoked.

PCI compliance is a condition of your contract with each credit card company. Although at the moment the process is semi-voluntary, there are severe fines and penalties for non-certified vendors in the event of a breach:

• $500,000 fines per incident if your network carrying consumer information is compromised.

• As much as $100,000 per incident if you fail to notify credit card companies of probable or actual thefts of customer information.

• For any infraction, you may be banned from allowing your customers to use credit cards.

Every part of the credit card processing chain—from the moment customers enter their credit card info to the server where customer data is saved—must meet PCI-compliance requirements. If you are accepting online transactions, this typically includes your Online Storefront, which collects the credit card data from the customer, the Payment Gateway, which processes the credit card to your Merchant Account, and the Hosting server or data center where all of these functions are processed and saved.

More Info: PCI Compliance Guide, PCI Data Security Standards, Manage a Data Breach, Protection Compliance and Reporting

...this is not necessarily against Cornerstorecomics.com, but more against the people/person who made the fraudulent charges:

Reporting Internet Fraud

Internet Fraud Information: USA.gov

Internet Crime Complaint Center (IC3)

Chris, I am sorry to hear that they got you too.

This is just so frustrating. A couple of years ago someone got ahold of those checks that credit card companies send out and ran up over $700 in charges on my card. It took me 4 months to get it all fixed. Not looking forward to doing it again.