1 comment

In 2012, I conducted an online transaction with a non-local restaurant to purchase a gift card which they mailed directly to my intended recipient. The issue is that my personal credit card information was transmitted from their so-called “secure” webform to their back-office administrator VIA EMAIL. Not only did the admin openly admit this when I called … but then she sent me via POSTAL MAIL a copy of the “receipt” which was merely a printed copy of that very same email from her inbox which includes the form-names and their values!! To clarify, the printout contains the actual data that is being sent from their website’s “form-to-mail” system for manual processing by the back-office administrator. Instead, the form-data should be securely captured into a database where the administrator would then have a secure web-based interface to view and process that data.

It's sad that companies put their own reputation, as well as their loyal customer's data, at such risk due to negligence, lack of concern and proper handling.

In summary, (1) their webform's data is being transmitted in CLEAR TEXT via email from their website's order-form to their admin’s inbox … and then (2) it’s being printed out and sent to customers via POSTAL mail. Credit card numbers are printed in FULL (no “xx” masked characters).

This sounds a lot like what is discussed in this article: www.dataprivacymonitor.com/payment-card-industry/r />

The restaurant is BigTimeRestaurants.com of West Palm Beach FL. I feel that they should take every precaution to protect their restaurant chain’s reputation, as well as their end-customer’s financial data. Does anyone care at BigTimeRestaurants care that their customer's cardholder data (pii - personally identifiable information) is being handled so recklessly and without application of PCI DSS guidelines?

Had an Experience with BigTimeRestaurants?

Write a review


Terms of Service
Post Comment

Since 2012 and remaining true at present December 2014, BigTimeRestaurants group of West Palm Beach FL is still sending customer's sensitive and private PII creditcard data via INSECURE email as a receipt.

You May Also Like

Outback Steakhouse - Not what we were visioning ..... Outback Steakhouse "...today when both of us were sick and 'just' wanted some comfort food, the online pick-up meal we ordered was horrible!..." Read more Dashanqing Tea House - Tea Scam in Beijing!!! Warning to Tourists!!! Dashanqing Tea House "There is a famous scam in Beijing, its called the Tea house scam. Or Tea ceremony scam! It has been going on for a very VERY long time! Recently in..." Read more Marcos Pizza - Price gouging Marcos Pizza "I ordered a bogo pizza from this location today at 11:10am. I asked the sales member about the price i seen on the xompany website for the large peperoni magnificant..." Read more Buca Di Beppo - Tried to pass off a fake item Buca Di Beppo "On 3/10/17 I took my mother-in-law to lunch. Buca is her favorite restaurant and the Chicken Marsala is favorite dish. Her second favorite is the Manicotti. After the visit on..." Read more Gearbest - No real people to get help and poor web interface contact Gearbest "After waiting 2 weeks for my order, it arrived with a damaged part. I spent over an hour navigating the site and none of the help works to get to..." Read more NUCOT IS NOT FAKE!!!! PLEASE READ THIS !!!!!!!!! Nucot "Dear All, Nucot is not totally fake as many people claim. People who are disappointed with NUCOT are the people are the people who have failed in bagging jobs even..." Read more Curriculum Associates - NO JUST NO Curriculum Associates "So I'm using I-Ready and stuff, and it's "teaching" me about figurative language. But it gives me weird examples, and as in weird I mean disturbing. For hyperbole the example..." Read more North Coast Auto Mall - They fooled me twice; shame on me! North Coast Auto Mall "My sister hosted a foreign exchange student from China for his senior year of High School. He was subsequently accepted to attend Ohio State University. As a graduation present, his..." Read more