HD Guru logged in to his Best Buy account to find the “ship to” address was changed to a stranger in Texas. Had I bought something, my stuff would have been shipped to some cowpoke in Houston.  What’s going on here? Was my account hacked? Could your account be hacked too?

 

I recalled receiving an email in early April from Best Buy informing me its email management company Epsilon was hacked. The email goes on to state “only email addresses” of Best Buy customers were accessed. Obviously, the ability to change a “ship to” address in one’s account requires a password too.

I immediately contacted Best Buy customer service and spoke to a representative named Robin. I asked about how the ship to information in my account could change, and when were these accounts hacked? She stated there was no hack, but rather the database at Best Buy was corrupted by a glitch which caused customer data to be intermingled with other customers. This was hardly reassuring as it is a complete loss of privacy of information believed to be secure, is a violation Best Buy’s customer privacy statement, and no notification has been issued by Best Buy warning customers of this problem.

As a result of the hack (or corrupted database) I immediately changed our password and will refrain from ordering anything from Best Buy until I receive a satisfactory response.  HD Guru cautions our readers to check their accounts to see if a change of the “ship to address” occurred. As a precaution, we also recommend readers change their bestbuy.com password. Changing the email address associated with your account would not hurt either, as we know Best Buy’s customer email list was leaked back in April.

I contacted Best Buy corporate communications for an explanation. They are investigating and will provide a response to my inquiry sometime next week. I will repost upon receipt of their findings.

 

Have a question for the HD Guru?
HD GURU|Email

Copyright ©2011 HD Guru Inc. All rights reserved. HDGURU is a registered trademark.