This is a phrase that shows up quite often in our credit union newsletters and I know not to ever give out any account information, passwords, etc. Sunday I checked my email and I had an email from Bl0ckbuster 0nline thanking me for my current subscription. What? I went to their website and requested the password be sent to me. Funny – no security question asked so I went ahead and reset the password so I could look at it since I had no clue about it. When I checked the account information it had my correct billing address and the last four digits of my CREDIT CARD NUMBER! I was mortified so I checked my card account online and there was no strange activity and Bl0ckbuster customer service was closed until this morning. The first time I called the rep told me he needed my full credit card number in order to access the account. Um, no. Look it up by my name. He did, verified shipping information and asked me what city I was born in and we proceeded to talk about the account. I immediately hung up and called to cancel the c/c and report the fraudulent activity. I wanted more info from Bl0ckbuster so I called back and got rep #2. She asked for the c/c number and I, again, told her no and to pull it up by my name. She did asked me the same security question and I answered her. See, here’s the thing. I gave the wrong answer to both reps. When I was talking to Will to tell him not to use his c/c I decided, for giggles, to see if he knew what city I was born in (for the longest time he couldn’t remember my birthday or the color of my eyes). He answered and I told him he was wrong…but, he wasn’t. I was! I always get the city I was born in confused with where I lived for the first few years of my childhood and I have a little ditty I say “I was born in abc, lived in xyz” and then give the city as abc. Not today. I guess I was just so flustered that I gave xyz as my answer and it was WRONG. So, my third call to Bl0ckbuster I had the guy pull up my account and told him I wanted to verify the answer to the security question on the account. He told me what it was and it wasn’t even close. Both other reps had let me get information on the account with the wrong security answer. Nice, huh?

This is what I found out: It was set up via a 3rd party website – they told me they can’t see which one that their legal department will have to look into that and the only way I can get the information is by subpeona. They told me that I supposedly set this up on Saturday. Didn’t happen. Even if I did, by some strange act, I would never have put in the answer they show as the city I was born in. Never. It would never have dawned on me to use it.

Credit card canceled: check.

Affidavit for fraud filled out: check.

Upset over the lack of security for them: check. Thank goodness I don’t have a real account with them and if I did, I would surely cancel it after this.

It’s funny. If I hadn’t told them it was fraud they would have told me every.single.thing about that account but when I try to find out how it was set up their lips grew tighter than bark on a pine tree. Go figure.

New cards will be here next week and there is a pending charge with today’s date from them, which rep #1 told me there wasn’t, rep#2 confirmed her, and rep#3 told me they must have both been smoking crack because he saw it plain as day, which my bank will reverse immediately. (no, he didn’t really say they were smoking crack but did say they didn’t tell me the truth.)

Earlier in the year and then again late spring, we got a letter that our credit information had been “compromised” (read as: lost) from two different places so I watched our credit reports closely and no funky stuff there and one sent a letter that they had investigated and all was well.

People: shred, shred, shred and make sure the sites you are on are secured sites before entering any credit card information. The credit card they used wasn’t one I use anymore and it hasn’t been used for anything in the recent past so who knows how, where or when the information was acquired. One person told me i.d. theft. One told me phishing. I don’t really care I just want it fixed.