jmarshall Posted May 6, 2008 Posted May 6, 2008 Hi, I am obviously very inexperienced with shopping carts so please parden what might be an obvious question - I took over an OScommerce account, basically for maintenance purposes and never realized until recently, that storing the cc#'s in plain text, was very much not what I should have been doing. The store is not a very busy one and I was able to set them up with a direct payment gateway about 3 weeks ago. I am just concerned about the time I had those card #'s out there - there were only about 17 of them and have no reason to believe there was any breach. I have since asked the customer to have someone else take on this account because this is just not my area of expertise obviously - should i be doing anything else? Thank you so much.
♥geoffreywalton Posted May 6, 2008 Posted May 6, 2008 I would delete the numbers as well. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>.
jmarshall Posted May 6, 2008 Author Posted May 6, 2008 Thanks, I should have mentioned - I did do that, before actually I got the payment gateway in. Do you know how would I know if I was compromised before that?
tp-ePay Posted May 9, 2008 Posted May 9, 2008 Hello Jennifer, I'm sure you have done the right thing and when you have warned the customer, there is not more you can do. It's then their responsebility to be aware of any suspicion the transactions/draw from their card. If you would like to know more about fraud and security when reciving online payments, please look at this post: http://www.oscommerce.com/forums/index.php?sho...=301702&hl= Kind Regards, Thomas Pedersen ePay Europe
Recommended Posts
Archived
This topic is now archived and is closed to further replies.