Curlmart Unsecured?

sunt97sunt97 Registered Users Posts: 2
I wanted to order some products but just before I was going to enter my credit card info I noticed that the lock was unsecured. I thought maybe it was my computer but it happened again. What's the deal?

6 months into the natural thing
«13

Comments

  • Shelly FontanaShelly Fontana Registered Users Posts: 253
    Hello,

    Thank you for your feedback. CurlMart security is very important to us. We ran testing across the website, the lock is secure. Please email me directly if you have any questions and I will assist you.

    Thank you,
    Shelly
    [email protected]
    Shelly Fontana
  • sunt97sunt97 Registered Users Posts: 2
    It is still saying unsecured. Not sure what the problem is.

    6 months into the natural thing
  • A_Klass_ActA_Klass_Act Registered Users Posts: 56
    sunt97 wrote: »
    It is still saying unsecured. Not sure what the problem is.

    6 months into the natural thing


    My credit card information was hacked on 11/22 from a CurlMart purchase on 11/20 -- so if you've purchased anything during the time in question --- make sure you look at your credit card statements closely and contact your bank/credit card issuer immediately.

    I actually want to buy more products from Curlmart but I'm terrified to do.... I hope Curlmart will get it together soon.
    Hair properties: Low porosity/fine strands Poo: CJDF, SM Moisture Retention RO Condish: Tresemme Naturals Deep Condish: JCWDT, CJHBDF LI: CJSL Moisturizer/Styler: Curls Souffle, KCCC Extras: Cassia, Bentonite & Rhassoul Clay, Shea butter mix, Cocoa butter mix, Castor oil
  • aislinaislin Registered Users Posts: 864
    So does this have anything to do with that email that was sent out this morning about curlmart getting hacked into? I also placed a recent order about three weeks ago and now I'm freaked out to tell my MIL to shop here for me for Christmas gifts!

    I think I'll find somewhere else to place my orders until there's some kind of confirmation that NC.com is upping its security.
    Wurly, fine, thin, moderately to heavily porous. Mod CG.

  • A_Klass_ActA_Klass_Act Registered Users Posts: 56
    aislin wrote: »
    So does this have anything to do with that email that was sent out this morning about curlmart getting hacked into? I also placed a recent order about three weeks ago and now I'm freaked out to tell my MIL to shop here for me for Christmas gifts!

    I think I'll find somewhere else to place my orders until there's some kind of confirmation that NC.com is upping its security.


    I got the same email this morning as well. I replied to it -- have yet to receive a response. In my case, I didn't use my card for any online purchases except on the 20th and it just so happened that my card was fraudulently charged $49.99 for some sort of Microsoft Xbox service (from the state of WA -- I'm in SC) on the 22nd... Fortunately, I check my bank accounts multiple times a day and caught it the same day the charge was applied. My bank cancelled my card and refunded the amount a couple of days later.

    Hopefully Curlmart will provide us with some sort of assurance that the website is safeguarded properly, as I really like ordering from the site and would actually prefer to do so in the future. However, I WILL NOT do so until it is 100% secure!
    Hair properties: Low porosity/fine strands Poo: CJDF, SM Moisture Retention RO Condish: Tresemme Naturals Deep Condish: JCWDT, CJHBDF LI: CJSL Moisturizer/Styler: Curls Souffle, KCCC Extras: Cassia, Bentonite & Rhassoul Clay, Shea butter mix, Cocoa butter mix, Castor oil
  • girliegirlgirliegirl Registered Users Posts: 2
    My credit card information was stolen from the Curl Mart site as well. I made my purchase in October as well. I noticed the fraudulent activity on my credit card and had to shut my account down. I'm very disappointed in the lack of security by Curl-Mart. I will not be shopping there again.
  • SegBSegB Registered Users Posts: 692
    Recently someone hacked into my debit card account and made purchases...I don't know for sure but purchasing from CurlMart was the only difference in my usual transactions.

    I also was notified that a vendor reported to my credit card a breach in security and my bank is sending me a new credit card...

    Regardless, I really hope someone is looking into this...
    2b/3a, normal/high porosity, fine/medium texture, medium density, low elasticity

    Low Poo- Tigi Colour Goddess, Giovanni 50:50, Giovanni TTT (clarify 1X/week)
    Condish- CJ Curl Rehab, Giovanni 50:50, Giovanni TTT
    Leave In- Slip Detangler, KCKT, Redken Curl Refiner
    Style- KCCC, SS CEJ, SS FHG
    Treatment- CJ Repair Me! and CJ CR

    Dislikes: Too much protein, high glycerin content, and heavy oils
  • Shelly FontanaShelly Fontana Registered Users Posts: 253
    Dear Customers,

    We take our responsibility for safeguarding your confidential and personal information very seriously. Please be assured we have taken appropriate steps to correct the breach and protect your personal information from further disclosure.

    Best,
    Shelly
    [email protected]
    Shelly Fontana
  • jillipoojillipoo Registered Users Posts: 3,795 Curl Neophyte
    girliegirl wrote: »
    My credit card information was stolen from the Curl Mart site as well. I made my purchase in October as well. I noticed the fraudulent activity on my credit card and had to shut my account down. I'm very disappointed in the lack of security by Curl-Mart. I will not be shopping there again.

    Nor will I. This is completely unacceptable. No amount of telling customers "We take this seriously" can make up for it, in my opinion. I'm shopping elsewhere.
    3a and strictly CG since August 2007. Porous and on the fine side. No to magnesium sulfate and glycerin. Yes to protein! Favorites:
    CO-WASHES: Suave Coconut
    CONDITIONERS and LEAVE-INS: Mop Top Daily Conditioner, KBB Nectar, Aubrey GPB or Island Naturals, Robert Craig, Any Jessicurl
    CURL ENHANCERS/CREMES/MOUSSES: KCCC, JoiWhip
    GELS: Fuzzy Duck, B5 Design, MGA Scultping, BRHG


    Fotki password: chuckle
    Blog: http://jillipoo.blogspot.com/
    Twitter: nopoojillipoo
  • sepiabellasepiabella Registered Users Posts: 8
    I had two instances of credit card fraud after a curlmart purchase. Had to close my account and open a new one. This is the first time it's ever happened to me and it is distressing.
    Real parents. Real information.
    ParentsConnect
    http://www.parentsconnect.com
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    i think i received an email this morning, but it was in my spam folder and as i deleted it my eye caught the words curl mart in the subject heading. i could not retrieve it. i, too, made a purchase from curl mart in oct, like on the 23rd i believe.
    please tell me what the email said, what steps i have to take!!

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • smasters467smasters467 Registered Users Posts: 527
    Hey rbb:

    CurlMart customers,

    The purpose of this email is to inform you of an information security incident at CurlMart.com that potentially could affect you. Hackers recently penetrated our firewall and gained access to data containing your name and credit card information without our knowledge. Although we believe the exposure to be minimal, it is possible that your information could have been viewed by others.

    In order to ensure your credit information was not used by third parties without your consent, we recommend that you monitor your credit report information and notify your credit card company if anyone attempts to obtain credit in your name. This could serve as an early warning if you become a victim of identity theft, even if such an occurrence is unrelated to this incident. You may also place a "fraud alert" on your personal credit file, which requires creditors to contact you before they open any new accounts or change your existing accounts. To place a fraud alert on your file, you should contact anyone of the three major credit bureaus listed below. As soon as one credit bureau confirms your fraud alert, the others are notified to do the same. Equifax
    l-888-766-0008
    www.equifax.com Experian
    1-888-397-3742
    www.experian.com TransUnion
    1-800-680-7289
    www.transunion.com
    [FONT=Arial, Helvetica, sans-serif]Even if you do not find any suspicious activity on your initial credit reports, we encourage you to consider cancelling your credit card or at a minimum actively monitoring your account statements and credit reports. For more information on identity theft and detailed instructions on other actions you might consider, visit the Federal Trade Commission's (hereinafter "FTC") website at www.ftc.gov. If you believe you have been a victim of identity theft, we encourage you to contact the FTC immediately by calling the FTC hotline at 1-877-IDTHEFT.

    We take our responsibility for safeguarding your confidential and personal information very seriously. Please be assured that we have taken the appropriate steps to correct the breach and protect your personal information from further disclosure. If you have any questions or additional concerns, please do not hesitate to email us at [email protected].

    Thank you for your cooperation and understanding. [/FONT]
    How's My Hair?
    Review: L'Oreal Evercreme Cleansing Conditioner
    Review: Yes To Carrots Nourishing Shampoo & Pampering Conditioner + 35% off at YTC.com

    3a-b, fine & medium texture, medium-high porosity from years of damaging. I'm addicted to changing my hair color.
    Cleansing: No-Poo, Elucence MBS, YTC Poo,
    Conditioner: One Condition, JC Too Shea!, YTC Condish, Elucence MBC, Joico Daily, KCKT
    Styling: KCCC, LALPS, BRHG, Biotera Gel
    SMB Photography
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    thanks for the info. now i can safely stay awake!

    once i had info stolen from an insurance company, and the insurance company PAID FOR A YEAR ON EQUIFAX as it was THEIR FAULT.

    what is naturallycurly doing? it is their fault, so now i have to pay?

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    anyone have any idea what approximate dates this happened? and what about the first email on this, asking about it being unsecured?

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    the agent equifax recommended a lock on my credit report. it costs $14.95/month. i could not understand him, heavy accent, so i asked him to mail this to me. and he kept on talking.
    and i said again, it is hard for me to understand this over the phone (i did not say due to his accent), i need to read it. please mail it to me. and he kept on.
    he kept on and on and on, like a salesman. i finally had to hang up after 8 full minutes of listening to him about this lock that i should get.
    it weirded me out!
    anyone else have this experience?

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • thefrizzqueenthefrizzqueen Registered Users Posts: 43
    I too had fraudulent charges within a day of my CurlMart purchase. Fortunately my credit card company alerted me to the fraud because the individual was attempting to change my billing address, in addition to the $500 purchases.

    I no longer feel confident shopping here anymore either, especially since this happened to me nearly a month ago and they just got around to sending out this e-mail, which doesn't exactly make me feel as though they are all that concerned.
    2c/3a, porous, coarse and thick. CG since March 2009
  • A_Klass_ActA_Klass_Act Registered Users Posts: 56
    rbb wrote: »
    the agent equifax recommended a lock on my credit report. it costs $14.95/month. i could not understand him, heavy accent, so i asked him to mail this to me. and he kept on talking.
    and i said again, it is hard for me to understand this over the phone (i did not say due to his accent), i need to read it. please mail it to me. and he kept on.
    he kept on and on and on, like a salesman. i finally had to hang up after 8 full minutes of listening to him about this lock that i should get.
    it weirded me out!
    anyone else have this experience?


    I replied to the email this morning asking if Curlmart would pay for, or at least, reimburse the cost of the credit report, for those of us whose information was actually stolen... Haven't received a response yet.
    Hair properties: Low porosity/fine strands Poo: CJDF, SM Moisture Retention RO Condish: Tresemme Naturals Deep Condish: JCWDT, CJHBDF LI: CJSL Moisturizer/Styler: Curls Souffle, KCCC Extras: Cassia, Bentonite & Rhassoul Clay, Shea butter mix, Cocoa butter mix, Castor oil
  • IrishOneIrishOne Registered Users Posts: 15
    I ordered from culmart about a week and a half ago. Several days ago someone used my card number to charge almost $200 at an online guitar shop. The charge went through. Today they tried to charge another $178 at the same store and my card company denied the charge and contacted me. I had to cancel my card and Chase refunded my money. II believe we should be compensated for this somehow. It was a big hassle and I was expecting a credit to go to my card from a place I had returned some clothes to. I had to contact them to issue my credit to my debit card. I am wondering if they have my debit card info since I have used this card in the past.
    Tried CG-Didn't Work Out
    Jessicurl Cleansing Cream
    Suave Conditioner
    CHS Curl Keeper and Gel
  • curlyserfcurlyserf Registered Users Posts: 858
    Glad I used PayPal to place my order on Sunday. I certainly will think twice about ordering from curlmart in the future.

    Kerri
    2?/3a ??? ; fine; high density; normal porosity and elasticity
    color treated

    CURRENTLY USING:
    cleanse:Organix Vanilla Silk, Use Me Cleansing Cream
    rinse out/li:Ion Effective Care, Tresseme Naturals Radiant Volume (both with NPF added)
    stylers:Curl Keeper, UFD Curly Magic, & Alba Botanicals Strong Hold Gel
    PT:CJ Repair Me

    mod CG since August 2010
  • lazykerrilazykerri Registered Users Posts: 650
    I made a purchase from Curlmart in Sept or Oct and in early October someone tried to charge $1 via AT&T. Luckily, I used my PayPal debit card, and they tried to confirm the purchase and couldn't, so it didn't go through. I'm still going to cancel my card, just in case.

    I don't necessarily blame Curlmart, because I've heard of hackers getting into even very secure systems (no such thing as hacker proof).
    [SIGPIC][/SIGPIC]
    ~ Always naturally lazy and curly! ~

    Photo album password: curly
    Blog: lazykerri.wordpress.com
    Curl Type: 3a Fii
    Current Favorites:
    • Jessicurl Too Shea Conditioner
    • Jessicurl Confident Coils
    • Rockin Ringlets, and
    • Herbal Essences Set Me Up Gel
  • StarmieStarmie Registered Users Posts: 7,169 Curl Virtuoso
    I got caught too, luckily my bank picked up on it straight away as unusual activity (no I don't play online poker in the middle of the night!) and put an immediate block on my card. Got new cards pretty quickly and it didn't even appear on my statement. I too have to question how it took so long for nc to realise there was a problem - it was a month ago that I placed my order. I do agree with lazykerri though, it can happen to anyone.
    3b in South Australia.
  • oddityofwingsoddityofwings Registered Users Posts: 1,261
    Is this only an issue for people who've placed orders recently, or should people who placed orders further in the past (say, April?) be worried at all?
    3b/c. Fine, med-high porosity, normal elasticity. Hair loves oils in summer, protein in winter. Constantly battling the hard water monster.

    Favourites:love5::
    CJ Curl Theory, Curl Rehab, Smoothing, Curl Fix, Daily Fix, CCCC, CIAB, CQ, SSCC, MC shampoo, Inecto Pure Coconut Oil, CP luscious curl creme (summer), DB Pumpkin Seed (summer), FD/MT, JCWDT, JCTS

    American literature PhD student in the UK... :study:
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    yes, we should know as i have two different credit cards that i've used on curlmart, need to know if i need to cancel the other one.
    how much info were they most likely able to get?

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • SegBSegB Registered Users Posts: 692
    Is this only an issue for people who've placed orders recently, or should people who placed orders further in the past (say, April?) be worried at all?

    I think my purchase was in August/September...
    2b/3a, normal/high porosity, fine/medium texture, medium density, low elasticity

    Low Poo- Tigi Colour Goddess, Giovanni 50:50, Giovanni TTT (clarify 1X/week)
    Condish- CJ Curl Rehab, Giovanni 50:50, Giovanni TTT
    Leave In- Slip Detangler, KCKT, Redken Curl Refiner
    Style- KCCC, SS CEJ, SS FHG
    Treatment- CJ Repair Me! and CJ CR

    Dislikes: Too much protein, high glycerin content, and heavy oils
  • lazykerrilazykerri Registered Users Posts: 650
    Just wanted to add that the email message went into my spam folder, as well. That was because it was sent from a different email address than their usual. It would be better to send important messages like this one with the From address being their usual ([email protected]), if possible.

    It would also have been good to post a message on their page and in Curltalk.Then again, maybe they're worried that will scare off new customers?
    [SIGPIC][/SIGPIC]
    ~ Always naturally lazy and curly! ~

    Photo album password: curly
    Blog: lazykerri.wordpress.com
    Curl Type: 3a Fii
    Current Favorites:
    • Jessicurl Too Shea Conditioner
    • Jessicurl Confident Coils
    • Rockin Ringlets, and
    • Herbal Essences Set Me Up Gel
  • A_Klass_ActA_Klass_Act Registered Users Posts: 56
    lazykerri wrote: »
    I've heard of hackers getting into even very secure systems (no such thing as hacker proof).

    Very true! There is no one site that is completely hacker-proof, however, I would've liked to see Curlmart be more upfront with their customers and disclose the information quicker than they had. Honestly, when I saw the fraudulent charge, Curlmart's security, of lack thereof, wasn't even a thought, as I assumed that a site this big, with THIS many product lines, would be on top of their game...

    Like I said previously, I would actually prefer to shop at Curlmart, primarily for the convenience of buying multiple products from different product lines at once, but I WILL NOT put myself in a precarious position -- especially when I am fully aware of the security flaws this site has.
    Hair properties: Low porosity/fine strands Poo: CJDF, SM Moisture Retention RO Condish: Tresemme Naturals Deep Condish: JCWDT, CJHBDF LI: CJSL Moisturizer/Styler: Curls Souffle, KCCC Extras: Cassia, Bentonite & Rhassoul Clay, Shea butter mix, Cocoa butter mix, Castor oil
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    lazykerri wrote: »
    Just wanted to add that the email message went into my spam folder, as well. That was because it was sent from a different email address than their usual. It would be better to send important messages like this one with the From address being their usual ([email protected]), if possible.

    It would also have been good to post a message on their page and in Curltalk.Then again, maybe they're worried that will scare off new customers?

    that is what happened to me -- it went to my spam folder, i did a quick glance, did not recognize the address, and hit delete. as it was going i thought i saw curlmart in the subject heading. if it had been their usual address, would have gone directly to my inbox and i would have recognized it.
    and, yes, a post would have been more upfront. it's something we need to be aware of ASAP!

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • aunttallulahaunttallulah Registered Users Posts: 206
    My purchase was in September. I found some weird things going on & had the card cancelled. It was over a week before curlmart sent out the email.
    I know these things happen & all, but it does shake ones confidence in on line ordering.
    Toronto, Ontario Curlie
    2c/3a Fine Texture/Normal Porostiy/Normal elasticity
    Using:CJCR/CJBH, Kevin Murphy Maxi wash, AG: recoil, JCCC, DBPSC, SSPT, SSPS, CHSCK
    Air Dry only!
    Want to take my new found knowledge and apply it to make lovely lush locks!
    Living life one curl at a time!
  • rbbrbb Registered Users Posts: 4,357 Curl Connoisseur
    My purchase was in September. I found some weird things going on & had the card cancelled. It was over a week before curlmart sent out the email.
    I know these things happen & all, but it does shake ones confidence in on line ordering.

    this was going on in SEPTEMBER? and in october when someone asked about it they were told everything was good. apparently, this is something that they haven't yet gotten a grip on.
    we should have been told.

    3a, some 2c & 3b, medium texture, porosity normal, low elasticity :-(
    washing/cowashing, conditioning, protein tx: curl junkie products
    leave in:curl junkie conditioners and treatments as leave in
    styling: curl junkie 
    sealants - jane carter nourish & shine
  • GretchenGretchen Administrator Moderators Posts: 10,840 Curl Virtuoso
    Wanted to offer a bit more information:

    On October 27, 2010, NaturallyCurly.com was alerted to a security breach limited to our CurlMart boutique. Within 15 minutes, we investigated the alert, discovered the source, and removed the threat. Within the next hour, we completed server updates that we believe will prevent any such future breaches of our security.

    After addressing the breach, NaturallyCurly.com took measures to minimize the impact on our customers. We sent out a notice to all customers whose data may have been compromised so that they may monitor their accounts and alert their credit card issuer of the problem. While it is impossible for to determine exactly which customers were affected, we informed all customers who had credit card transactions within the security breach time period.

    We have secured the server, and are confident that the credit card information on CurlMart is safe. We regret the frustration and trouble this has caused and are taking measures to insure this does not happen again.

    Gretchen
    NaturallyCurly.com co-founder
    3A

    You are beautiful!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file