Blowout Cards HACKED: Collectors Hit For $100K +

Blowout Sports Cards has been hacked! First reported by Sports Collectors Daily in April, word of the attack is slowly trickling through the hobby.

Credit and debit card users from January – April 20, 2017 could have been impacted.

A quick browse through a forum thread about the data breach, one collector got hit for $30,000 in fraudulent charges!

The response from Blowout has been weak at best. Some are reporting they have discovered fraudulent charges without getting notice from the company.

New Podcast: Blowout Sports Cards Hacked

Blowout even banned an impacted customer from their forum after the user made numerous complaints about the lack of communication regarding the hack. WOW.

Why wasn’t Blowout treating everyone with kid gloves? Appears as though Blowout management even suggested as much to “Houdini”. Shows a level of arrogance, at least with this particular employee.

Hopefully guys like “Houdini” don’t have access to customer order history and information.

Company owner Tom Fish was last spotted at the Topps 65th Anniversary Party with $50,000 worth of invites.

The high profile attack of the Topps website should have put eCommerce stores in the sports card space on notice. Clearly Blowout Cards dropped the ball and the nightmare stories from their customers are starting to pour in.

If you own an eCommerce website, including a group break site, get your website secured now or this could happen to you!

“Got hit with a $1,270 charge for a Hotel on booking.com”

“Have had a debit and cc hit because of this. Over 20k in charges, from plane tickets, nba.com, staples,office depot, the list goes on. Pissed dosent begin to cover it.”

“Got hit for $349.98 at Walmart.com”

“I believe they are to busy tweeting and facebooking self promotion than actually notifying the customers.”

“I now have a $6,000 check to the IRS that just bounced. Thanks blowoutoutcards.com.”

“They got me for $91 at sunfrog.”

“I got hit with $600 to Dave and Busters.”

“4 charges totaling $2151.59 in 3 days.”

“I just placed a pre-order for 2017 Topps Chrome, and I didn’t do it here. This incident is the #1 reason why.”

“Had $500 in Fraudulent charges on my account.”

“I’ve had two cards affected by this – several thousand in charges.”

“I didn’t receive an email and my CC “was” compromised!!”

“This may be more widespread the BO is leading on. I have been getting emails from seniorpeoplemeet.com recently and never have in the past.”

“My card was hit for over 30k, all purchases from AT&T.”

“Ordered a case of 2017 TC from somewhere else today.”

“My card was compromised last week too. About $1100 in charges.”

“It seems Blowout is more concerned with sweeping this under the rug then doing right by their customers.”

A breaker on Blowout came to the company’s defense.

@LoriVanSanten @SportsCardRadio @SportsCardNews You realize in your article you claim @blowoutcards banned a member for numerous complaints about lack of communication is 100% false right?

— David Thimesch (@thedthimesch) May 10, 2017

My response:

Would the customer have been banned if not for posting (complaining) in the thread?

Would the customer have been banned if he posted nice things about Blowout in the thread?

The logical answer to both is: NO

@SportsCardNews Not sure what fish does in his personal time has anything to do with that.

— MD BOY (@CHUCKLERS) May 10, 2017

My response:

The “professional” story was written about the hack by Sports Collectors Daily. My take was to put a TMZ spin on it.

A company owner partying in Vegas while his website was being hacked is the type of juice I love.

 

5/16/2017 Update:

Blowout Cards sent this email to customers.

View Download PDF: Update to Previous Notice of Data Breach