GiftCardMall Has Confirmed They Suffered A Data Breach

A few weeks ago, reports emerged that credit cards used to make purchases from GiftCardMall were encountering fraudulent charges.

A week or two later, GiftCardMall was requiring that users reset their passwords when logging in. They’ve now sent out a letter to affected customers confirming that they suffered a data breach.

Data breach hacking fraudulent charges

Doctor of Credit has shared a copy of the letter that’s being sent out to potentially affected users. In it, GiftCardMall states that your information might have been compromised if you made purchases on their site between April 24, 2019 and May 21, 2019.

May 21 was the date that they apparently identified an unauthorized script in their website’s code which forwarded data to an external site. GiftCardMall has advised the following details might have been affected:

  • Name
  • Address
  • Payment card number
  • Card expiration date
  • Security code

This is where things get a little strange. Despite this information becoming compromised and there being numerous reports of subsequent fraudulent charges on affected cards, GiftCardMall claims that:

Our investigation of this incident revealed no evidence that your personal information was actually accessed by any unauthorized party.

I’m no expert, but if the information was being forwarded to an external site, how would GiftCardMall know if those responsible had actually accessed that information. Besides, the seemingly large number of customers with fraudulent charges suggests their “evidence” didn’t involve contacting potentially affected customers or doing a quick Google search for “GiftCardMall Fraud”. From the first page of results for that search term:

GiftCardMall Fraud Google Resutls

GiftCardMall is offering 24 months of MyIDCare credit monitoring and identity protection services for free. You can enroll by calling 1-800-397-9573 or signing up here.

If you made purchases between April 24 and May 21 but haven’t been affected so far, it’s still worth keeping an eye on your statements in case your card is used in the future.

About Stephen Pepper

Stephen Pepper is on a 5 year, 50 state road trip with his wife Shae and their dog Truffles. Finding opportunities to earn miles and points is one of the ways they can afford to do this, so he'll try to help you do the same for your own travels.

More articles by Stephen Pepper »

Regarding comments: Comments posted at the bottom of Frequent Miler pages and posts are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.

Leave a Reply

1 Comment threads
0 Thread replies
Most reacted comment
Hottest comment thread
1 Comment authors
TomJ Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Notify of

I used 3 different credit cards at GCM during the timeframe of the breach and had ALL 3 of them used fraudulently! For GCM to claim that my personal information wasn’t accessed by a 3rd party is a complete and total lie.