Wednesday, August 5, 2009

Mozilla Store H4x3d

Over a year ago I ordered the satanic Firefox t-shirt from the Mozilla store. I really enjoy using Firefox on a daily basis, and can certainly stand behind it via t-shirt. Unfortunately the Mozilla Store experience failed to be on par with its advertised web browser experience.

Once I got the shirt in the e-kart, I had to create a new registration. Sure, registering for yet another web site is a pain (almost 50 different sites now have my credit card info, and each has their own username/password), but such is the internet today. However, after signing up, I was not re-directed to the checkout page. I assumed I needed to select the item again, so I annoyingly went back through the product listing and re-added it. This finally led me back to my shopping-cart, where I then found it contained 2 of the same item.

Removing the duplicate, I continued on and made my purchase. I then wanted to be secure by logging out, but after several minutes of searching, I was unable to find any link in which to log out. Went ahead and closed the browser, and assumed that was the last I needed to worry.

Later that day I received an email.

Before we can release the order to ship, we need to verify the billing and shipping information. We have ran the credit card and show that parts of the billing information supplied to this order does not match the billing information for this credit card.

???

I’ve made several dozen online orders in my day, and I’ve never had a problem with my credit card. I checked the order confirmation email, and logged back onto the site. Both places had perfectly correct addresses.

Even though this has never been a problem, I went ahead and added my middle initial to my name and put my apartment number on the address 2nd line. After confirming my updated info, I was dismayed to find my address displayed like this:

!!!

I’m not particularly paranoid about security, but after all this, I hardly felt confident sending all my address information over unencrypted email. I replied that I double-checked my address info, and everything was correct. If they wanted me to re-send it anyway, I would appreciate additional details on why.

The patient fellow explained in his reply, "if you are a new customer ordering then, for your safety and ours the order gets held for verification purpose." Well that’s nice, but it still didn’t make much sense. He included my address in his email, to which I added a few details that I didn’t think were necessary (middle initial and name of company at the shipping address). I eventually got my shirt, and have worn it ever since.

After all this, I can’t say I’m very surprised with the news that the Mozilla store was hacked. If my ordering experience is any indication of how the store’s backend was handled, then they were just begging for problems.
