PSA--possible Flannery Berserker credit card breach? [UPDATE in First Post 2/14/20]

In the past week I’ve had fraudulent charges post on 2 different credit cards of mine. I’ve been scratching my head on this and it seems the only recent purchases that aren’t “typical” for me (on 2 different cards) are related to buying wine from several wineries. Has anyone else had this happen recently? Could we crowd source a common entity? Or maybe my usual shopping sites are the culprit… Just a total shot in the dark, really but thought I’d ask the community at large.

[MOD EDIT: added update as of 2/14/20]

[Mod edit: added Flannery response]

I’ve had this happen recently on a brand new credit card that was 9 days old (after getting a replacement because of suspected fraud) and after using it at maybe 5 physical stores and 5 online wine shops… They had my credit card number and street address and used it in combination with someone else’s Ticketmaster account to buy expensive Sacramento Kings tickets.

All resolved with the credit card company and Ticketmaster, but thought it’s worth sharing.

I got a fraud alert on a replacement card for a card that had been closed, even before I activated it*

*OK, that’s hyperbole, but it’s a little sad and scary how much fraud is out there, and how often cards are compromised and have to be replace.

Hmm. Coincidence? David and Andy – you guys should compare lists of wineries. Also, do they possibly share some backend software or transaction processor for their sales?

I’m always a bit nervous about giving my credit card info to small businesses (such as wineries) because I suspect many do not have very robust security.

Not that big business’s record has been great.

I actually had a fraud on my CC on the Wed or Th after BD10. They attempted a $0.85 charge at some sort of “restaurant” in CA. Can’t recall the name of the town. Nowhere I’d ever heard of. I initially thought it could have been related to BD10 purchases but I use my CC a lot in general (online and in person) so it would be hard to pinpoint where the fraud could have originated.

We had a card replacement about a week and a half ago. The attempted charges which our CC company flagged were in the midwest somewhere.

It’s a card we use a lot, so I’m not sure it’s any of the wine-related places it was on file (listed below), but just in case there is a pattern to be found:
K&L
Benchmark
Tercero

It’s very likely one of the websites you have used is compromised. Share the list of retailers and I would imagine a common entity will emerge.

My card was compromised last year but I have no clue how.

I’ve wondered about the common winery back end. When I search my email for certain producers other wineries that appear to be using the same backend software also pop up. Anyone know why that is?

Woa. I had the same thing!!
Chase flagged it as fraud and called me.

Like 83 cents from a restaurant in California.

Only I bought in BD11 was Flannery tho?

Wow. Maybe we’re on to something, (or maybe coincidence?). I hate to publicly post entities because I don’t want to tarnish any names, but 1 place I purchased from has been named already in this thread. In my original post I made the mistake of not saying my unusual purchases were from wineries, online wine stores, and a BD purveyor. That said, I bet most companies are under cyber attack constantly so not sure all this will help much.

I also had this happen to me, with an non-new card. A random charge of over $900 from Ticketmaster appeared with the description of Sacramento Kings, but then the charge was refunded/reversed the next day…

It might not just be software that a winery uses. The sales part of their website might actually be run by some other company that furnishes that service to wineries.

Interesting… Same charge here, $950 and change. Ticketmaster refunded and clearly identified as fraud, Chase closed my card and sent me yet another new one.

Not trying to call out anyone or suggesting their website or partner website was hijacked, but here’s the list of wine related stores I’ve used my credit card in the 9 days I’ve had it before the fraud occurred: Crush, Flannery, wine.com, Ceritas.

Mine was also a Chase card and I requested a replacement as well (the charge was on 2/1, refunded on the 2/2). And as for stores I used mine at: Starbucks, Amazon, and Flannery… hmm…

Mine was a Citibank card and I purchased from Flannery, also. Citibank called me regarding a bogus $78 hotel (I think the business was something like HotelTonight, the reviews are brutal) charge in San Francisco.

4 mentions of Flannery… I don’t believe in coincidences

Me too. I sent them an email to alert them.

.

5 people so far. I tried calling them multiple times and left a voice mail

Not sure it’s Flannery but that’s one of the merchants I bought from during BD. Got $0.1 from Wilborniti Turkey Run US last Thursday, then $600+ from GB which Citi marked as fraud and contacted me immediately.