Hi all,

I'm sorry to report in my first post that I've experienced credit card fraud after my purchase on this site last Friday. I rarely use my card, so I'm quite sure it is because of this purchase.

I don't want to blame anyone, but I just want you to know there is a leak somewhere which I hope can be found and fixed.

Regards,
Mark

It's not necessarily a problem of this site - for example, you could have a keylogger on your system, which grabbed and transmitted your data before it even got sent by your browser. That said, it'd be a good idea to contact support and give them as many details as you can. GOG cannot trace any credit card fraud by themselves (since they don't handle any credit card data by themselves), but they may be interested to know what's going on and/or to forward any potentially helpful data to the company that handles the payment.

GOG doesn't store credit card data at all so you might want to check your system out for keyloggers or trojans. Also, change your password(s) to all your accounts.

Run a full system virus scan before you do anything else. Then change all of your passwords. It sounds like something nasty has found its way into your computer.

A measure you should implement is running windows virtual keyboard for inputting passwords and credit card data (open the "run" window and type osk. This if you are running windows XP through 7). It's not foolproof of course, but it's another bit of security you can add.

Running your antivirus + antispyware software is also a good idea now that you have reason to believe you may be infected.

I knew nothing about this. Thanks for mentioning this.

Might be a false alarm. Is the fraudulent charge separate from your charge from GOG or is there a chance that your payment to GOG was incorrectly identified as fraudulent? Who is the recipient for the charge? It's worth looking into. If it's not a false alarm then definitely get that card cancelled. It's a pain, but it has to be done.

As other have mentioned, GOG doesn't store credit card numbers, so they can't have a leak. If someone got hold of your number then it's most likely a keylogger on your computer. Can't say for certain though, so grab Microsoft Security Essentials or something and give your machine a good thorough scan.

Can't tell if serious...

He's clearly serious - if it were sarcasm he'd be using comic sans font (cause that is the sarcasm font ;))

I don't think he's serious lol.

OOT: Barefoot, you have the reputation of the devil!

Realistically, I doubt this has anything to do with GOG in and of itself. For one thing, I can't recall a single person reporting this problem in the year and a half I've been here. Further, unlike most sites, GOG doesn't even store credit card data so there's no way it could have been compromised after the fact.

If it does have anything to do with a GOG transaction, it means you've probably got a virus or keylogger. Sorry to hear that, though.... it sucks.

Guys,

While the stats point to a client side breach. It's entirely possible that GOG have got someone listening in on them (there was a cycle shop a while ago that had it). Storing data or not is irrelevant at time of transfer, so I assume GOG will be investigating this too.

EDIT: but most likely it's not a server side issue

Without going into any personal financial details, are you able to provide any other info?

Like, what is the description of the unauthorised transaction? How long after the gog purchase was it listed on your account?

It might help other people in checking their accounts to see if anything snuck in...