Results 1 to 2 of 2

Thread: TradeMotoin (parts website host) breached

  1. #1
    Join Date
    Dec 2012
    Location
    Seattle, WA
    Posts
    160
    My Cars
    E90 M3; E36 M3

    TradeMotoin (parts website host) breached

    I recently received a notice that TradeMotion, the company that operates automotive parts websites nationwide, has been breached. My notice came from the owners of GetBmwParts.com which is hosted by TradeMotion. I was informed that my personal information and credit card information may have been stolen. I buy most of my parts from GetBmwParts. But this whole business really pisses me off. Companies like TradeMotion are simply lazy. They are lazy because it is not until after they have a major breach that they take action. So now they take action: “new security hardware and software has been installed and two independent third-party auditors have been retained.” And now I get a free year’s subscription to credit monitoring. Thank you for putting the problem on me and absolving yourself of responsibility. Nicely done.

    And I’m pissed at the people in Washington that take seemingly no action to reign in the constants breaches because there no accountability. If there were substantial fines for breaches on both the hosting companies and the credit card companies, likely the problem would solve itself. This is a solvable problem but laziness and a “let the buyer beware” attitude from all parties seem to make any accountability impossible.

    The only action is with the consumer. This worked somewhat in the Target stores case where sales plummeted and executives were removed.
    If you are buying parts online, it would not be a bad idea to find out how your transactions are being handled and who is really behind the transaction. The number of breaches are simply ridiculous and the response even more so.

  2. #2
    Join Date
    Mar 2008
    Location
    Silver Spring, MD
    Posts
    503
    My Cars
    14 Honda Ridgeline
    Dear valued getBMWparts.com customers and forum members,

    Regarding the security breach notice our Corporation – MileOne Automotive recently sent only to customers recognized as potentially at risk - we can certainly understand your questions and frustration. As stated in the notification letter, however, the security incident did not occur on MileOne’s systems or on our GetBMWParts.com or SubaruPartsDepot.com websites. Rather, the incident originated at one of our third party vendors, TradeMotion. TradeMotion is an e-commerce service provider that we, and hundreds of other online retailers (including other vendors on these forums), use to process online transactions including payment processing. Nonetheless, we recognize that you purchased one or more of our products and we take the privacy and security of our customers extremely seriously. That is why, despite the fact the incident did not originate with our systems, we took proactive steps to help you minimize potential harm from the incident.

    As to any concerns regarding the timing of the incident and the notification, the dates identified in the letter reflect the period of time that TradeMotion has determined account information was vulnerable to unauthorized acquisition. The March 5, 2014 date is not the date when the security incident was discovered. Rather, it is the beginning of the security breach period which was determined after the breach was discovered and TradeMotion completed its investigation. The notice was provided only to customers identified as potentially at risk after TradeMotion completed its investigation, including the following:

    • Notifying the appropriate law enforcement authorities;
    • Investigating to determine the cause and scope of the breach;
    • Investigating to determine which businesses’ customer information was affected (because TradeMotion is a service provider for more than just GetBMWParts.com and SubaruPartsDepot.com);
    • Implementing corrective action to secure the system to protect customer information from further compromise; and,
    • Identifying the affected customers and the customer information that may have been compromised.


    We continue to encourage you to take advantage of the complementary ProtectMyID program being offered through the notice. In addition to the ProtectMyID program, you are also encouraged to consider the “Additional Actions” described in the notice, including:

    • Placing a fraud alert on the your consumer reporting agency file;
    • Placing a security freeze on your consumer reporting agency file;
    • Obtaining a copy of your free annual credit report from reporting agencies and reviewing it carefully for any discrepancies;
    • Reviewing account statements carefully for signs of unauthorized transactions; and,
    • Reviewing the FTC’s identify theft website for additional information.


    Should you have any additional questions or comments regarding this matter, please do not hesitate to contact us at getHelp@getBMWparts.com - further questions will not be answered here.

    Sincerely,

    getBMWparts.com
    MileOne Automotive
    Email: getHelp@getBMWparts.com
    Evan Winstead
    Internet Parts Director, getBMWparts.com

    Email: getHelp@getBMWparts.com Follow: FaceBook | Twitter NEW: Shop Porsche and Audi Parts!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •