after a security breach at
Nashbar.com resulted in fraud.
(Photo © J. Maus)
Northeast Portland resident Gabriel Tiller is sort of a bicycle renaissance man. He has won a national tall-bike jousting competition, taken top prize at the Zoobomb Century, earned a spot on the gravity-biking podium at the Maryhill Festival of Speed, he likes to do bike touring, and he has recently taken to mountain biking.
Most of the time, Tiller builds bikes from used parts lying around his garage or from the various sources around town. But often, he buys hard-to-find parts from an online retailer to feed his cycling habit.
Last week, he noticed several strange charges on his credit card that went to unfamiliar websites like “networkagenda.com,” “fedgrantusa.com,” and “gglprofit.com.” He immediately Googled them and found that there were many other people complaining online about similar fraudulent charges. A little more digging and he confirmed the culprit: Nashbar (also known as Bike Nashbar).
Nashbar (which is owned by North Carolina-based Performance Bicycle, Inc.) is a large, national online discount retailer of bike parts and accessories.
According to pages and pages of complaints from angry customers on BikeForums.net, Nashbar has acknowledged that one of their websites was hacked back in December 2008. However, according to this local newspaper story, the company didn’t tell customers about the security breach until July 1 of this year.
Also according to that story, Nashbar has sent out a letter to customers about the incident. Tiller says he has yet to receive a letter. He called Nashbar and they took down his details, but so far, they haven’t offered him any compensation.
I’ve tried several times to speak with someone at Nashbar about the issue. The two people I’ve gotten through to both refused to give me any information about the incident. The Nashbar “Customer Care” representative said she doesn’t handle information for the media, but she would not give me any other number to call. As I was trying to get more information from her, she just hung up the phone.
Nashbar has admitted that their customer’s credit card information was stolen in a security breach, yet they waited seven months to notify anyone about it and when asked to provide more information about the incident, they refused. (Update: I’m now trying to speak with someone at Performance).
As for Tiller, he’s keeping a close watch on his bank account.