Did my computer get hacked or credit card number get stolen?

Was going through my credit card statement today and noticed a rogue $10 Groupon charge from Wednesday. I notified Groupon who is ‘escalating’ the charge, and also spoke to our CC company who says there have not been any suspicious charges otherwise, that I don’t know about that they denied. I will continue to monitor my CC a couple of times a day for the next couple of weeks. We have our credit frozen with the three credit-reporting agencies, so I’m not necessarily worried about anyone opening new credit in our names.

Yes, I deserve a stern lecture about protecting sensitive information, but I have a Word document on my MacBook desktop that lists all my accounts, with logon information and passwords, and up until 30 minutes ago, that document was not password protected. I have about 80 different sites/online stores that I have logons/passwords for in that document.

Have run the scenario past several people and no one can explain how someone accessed my Groupon account. 98% of my shopping sites do NOT have my credit card information stored. I did discover, though, that Groupon did have my CC information stored, so all someone would have to do is, log onto my Groupon account and they would be able to make the purchase. D1 suspects Groupon has been hacked and they lied to me about not knowing what happened. The other possibility is, I have been in the Apple Store twice in the last two weeks, doing One to One sessions with iMovie. But I never opened this document while in the store, although I did access their unsecure internet. I called the Apple Store, but the call went straight to Apple Care - I talked to someone there who says no one could access my laptop information without my permission.

Somewhere there is a leak of some sort, and I don’t know how to plug it if I can’t locate it. What am I missing?

I really don’t want to have to cancel my CC - even if I did, someone obviously has my Groupon login and password (which I’ve changed). Don’t want to have to wait for another card to come in the mail, then contact all the vendors that monthly and quarterly charges are made to via this CC.

The only other possibilities that I don’t want to consider are… in recent weeks, I have allowed computer-sharing to two different companies as I worked on projects/issues with my computer - Apple, and the cloud backup company I use. I had accidentally deleted some video and needed those projects back to burn to DVD, so the cloud backup company was able to retrieve them and reinstall them on my computer. Also, I was having some issues with my start up disk being full (which is why I needed to burn video to DVDs), so I did some trouble-shooting with Apple a couple of weeks ago and had a computer-share session. But with neither of these companies did I open this document during the computer-sharing session.

It is common for an ID theft scammer to make a small purchase first to check if it works.

I sent you a PM.

Yes, I am very aware of the ‘trying it out’ before making a major purchase, so I am watching closely. But it doesn’t answer the question of how did someone get my Groupon logon information. All someone needed was the Groupon logon information since my CC was mistakenly stored there. In fact, once I logged onto my Groupon account, it only showed the last four digits of my CC number - it didn’t show the whole number, so I’m not convinced someone has my entire CC number at this point.

The hackers may well have bought your credit card number from a dealer. Large commercial databases are hacked regularly.

http://krebsonsecurity.com/2015/01/how-was-your-credit-card-stolen/

Change passwords for all online accounts. Change the password for bank accounts and retirement accounts.

Your credit card company is sending you a new card, with a new number, right?

Do your kid(s) have access to your Groupon account? Maybe one of them bought the $15 Starbucks groupon for $10.

LOL @SnLMom - that was the FIRST thing I did… sent out a group text message to H, D1 and D2 asking them if they’d accessed my Groupon account. Got quick noes from all of them.

@Periwinkle - no, we are not jumping to new CCs yet. I’m not sure that my CC number was stolen - someone just may have accessed my Groupon account - like I said, it only lists the last four numbers of the CC when you log on - it doesn’t give the whole number. I guess I’m just so tired of this becoming an almost annual thing - having to get new credit cards, whether from a Target or Home Depot hack, or someone stealing it from some other place. No one can open new credit since our credit reporting status is frozen.

One of my cc numbers was hacked recently. One small charge, and then several rapid attempts for charges of several hundred dollars each. When I spoke to Chase, they said that there are people out there running computer programs and trying to accurately guess someone’s cc number.

I don’t think that’s what happened to you, but replacing your card should put the lid on any breach for now.

One of my husband’s cards had a charge on it that the credit card company caught and sent him an email just yesterday asking if he had made the charge, which my husband verified he had not, and followed up with a call to the credit card company. The charge was for an iPod Touch accessory. My husband got a new IPod for his birthday a few weeks ago, and he suspects that this hack was initiated in some way through iTunes. This is the second time a credit card problem he has had was link to iTunes. Your Apple Store connection may be right on target.

I just don’t see how it can be just a credit card hack, not that my CC information might not be out there for someone to use/replicate/sell, but this involves someone having my Groupon logon/password. Which makes me think it’s a Groupon hack. Otherwise, they’d have to have access to my laptop where I keep this document stored… which then leads me to consider the computer-sharing concern again - either Apple, or cloud back up recovery company… but with both companies, I was online with them during the entire share, and we never opened up that document.

H and I debated this for a long time tonight, and tomorrow we are going to reset all 80+ passwords, and call CC company and order new cards. It’s the only way to cover as many bases as possible and waiting for a clearer answer does not seem to be in our best interest. Seriously, this happens on average once every 12-18 months for us. At least I’ve got all my information in an organized document to get through it more expediently.

Once every 12-18 months is no big deal in this day and age, especially considering you seem to shop online a lot with 80+ passwords. Why all the passwords anyway? Do you really need an official account on all those websites? I shop online a lot but have very few accounts set up and where I do, I definitely don’t save credit card info on this accounts. I’d rather go through the hassle of entering my address again rather than having too much personal info out there.

And definitely don’t put it on your computer. It would be safe to actually have a hard copy in your house, I would think. You probably have less chance of getting your house broken into and them finding your list than you have of someone hacking your computer.

80+ passwords? That’s too many! I just use my dog’s name as a password for everything.

I don’t think there’s any way you’re going to definitively find out what happened.

A few months ago, I had several charges - all in the $200 range – from RueLaLa, a site I’ve never bought from, so I called and they sent out another card. Honestly, at this point it happens about once a year, and when it does, I just get the new cars and I don’t really even bother to call the places where I have recurring charges - I wait til I get a notice that a recurring charge didn’t go through and then I fix that charge on the spot. It’s like a flight delay - it’s a hassle but I can’t get too worked up over it.

I use PayPal for most on-line purchases. God forbid PayPal getting hacked . . . .

Teri - like you, our credit status is frozen so no one can open up new cards. I just sort of think that having this happen every year or two is the new normal, honestly.

1. Computer not hacked.
2. It's ok to store your passwords in a document on your computer. It's better to encrypt it. There is a small worry that someone could access it from outside your home but that's pretty darned random unless you have real enemies!
3. So what happened? Possibility: mistaken charge; the back-end software at Groupon charged your card by mistake. Or if you want a "dark" scenario, maybe someone at Groupon did this on purpose, likely to a bunch of people, to meet some personal sales requirement or some other metric. I would assume mistake.
4. Do I think it was stolen? No for the specific reason that it was used at Groupon and they have your credit info on file and that is associated with an email address. So unless that $10 of whatever went to some other person's email address, then why would someone do that? If you buy credit cards, you test them in other locations, in places where the credit card isn't on file so you can have goods shipped or emailed to another person.

This is probably a dumb question, but are you positive the Groupon charge was to YOUR Groupon account, as opposed to some other account but charged to your card?

@garland - well, when I log onto my Groupon account, it shows all my Groupon purchases, which are all of nine since 2010, and the Groupon for Starbucks is there in the list. What I wish we could do is, wait for the Starbucks Groupon to be used and nail the person that way, with some sort of security camera or something - then ask them how they got the Groupon. But I highly doubt Groupon and/or Starbucks is going to spend the resources to follow up on a rogue $10 charge.

@Lergmom - thanks for the insight and time to decipher all of my main concerns! You are asking the same questions I am, and have proposed some interesting scenarios. I think the crux of the matter is, we will likely never know (thanks to @Periwinkle’s article linked above) what really happened, but I think it is likely to be one of the possibilities you suggested. Regardless, we’re going to change all passwords today.

@simba9 - I don’t have 80+ passwords, but 80 different sites that require logons and passwords… financial, electronic medical records, subscriptions, airlines, retail, bill pay, etc. I’d say there are at least a half dozen different passwords that cover the majority of those sites… which is just enough to confuse me - H and talked about it last night and we came up with a system that I’m very comfortable with that we will institute today - it’s based on how he meets his requirement of having to change the computer password at work every 60-90 days, and the system he uses to remember those password changes.

Well, I at least got an email from Groupon this afternoon telling me that they had processed my $10 refund to my CC!

There are programs out there that can hack a Word document password in seconds. It’s far better to use a program specifically designed to store passwords such as PasswordSafe, KeyPass, etc. They use a higher level of encryption. And be sure to use a real strong password for your password safe!

Also, bad idea to use one login and password on everything. If someone gets into one of your accounts, they can then get into all of them.

I have never used Groupon, so this may be a dumb question, but if the charge shows up both on your credit card statement, and on your Groupon “account” when you log in there, Groupon must have processed it. Can Groupon not confirm to whom and where they sent the $10 gift card, and what prompted them to do so?