Several weeks ago, we told you how several Best Buy customers were complaining that someone out there was attempting to make bogus, phantom purchases through their BestBuy.com accounts. We wondered at the time if the retailer’s site had been a possible victim of someone cracking into its customer database, but Best Buy says these unfortunate incidents are the result of ramped-up efforts by scammers against BestBuy.com and other websites.
“We — along with a growing number of other retailers — are seeing increased attempts by hackers around the world to target customer accounts on BestBuy.com and other online retail sites, and compromise the stored user information,” a company rep tells Consumerist.
The company says that its user accounts — user names, passwords, other stored information — have not been compromised and that the scammers “appear to be using combinations taken elsewhere in an attempt to gain access to BestBuy.com accounts.”
As you know, any number of sites have had their user databases hacked, thus giving scammers access to user names and passwords that people might have used on other sites. And if you’re going to test a login and maybe make an illegal purchase, an electronics retailer seems like a good target.
“We are working to take care of our customers affected by these attacks,” adds the rep, “crediting their accounts for any unauthorized purchases, and requesting that they take the time now to protect their online information (such as updating their BestBuy.com account passwords, not using the same passwords across different accounts, etc.).”
Best Buy customers with immediate questions or concerns can call 1-888-BESTBUY.
In general, you should never use the same user name/password combination for multiple sites. Once someone has that info for one site, it’s incredibly easy for them to run a script that attempts that ID/password combo at numerous sites, hoping to hit just a few.