Edit: Seems like I judged them a bit early. Let's see how things turn out.

Hello everyone, I work at NCSX and we were directed to this thread by a customer. I wanted to address some of the concerns brought up:

1) Credit card issues
Please note that credit card information on our shop at www.ncsxshop.com is passed directly to www.linkpoint.com which is our credit card processor. We received a call from a customer to notify us of a fraudulent transaction a few weeks ago and we asked our server administrators to perform a security audit to make sure there wasn't any hacking happening and they didn't find anything untoward.

We have however changed all of our server passwords as a precautionary measure.

We also have a new shop at www.shopncsx.com which is administered and secured by Network Solutions and we asked them to perform a security check as well to make sure everything was okay.

Our old shop at http://mgrsti3030s.seamlesstech.biz/ is being phased out in favor of www.shopncsx.com because it's easier to perform sales campaigns, coupon codes, and free shipping offers on the new shop but please note that credit card information is automatically deleted by the store software after 24 hours for security purposes.

Regarding employee access to credit card information, please note that only the founder of NCS and one accountant who's been with the company since 1992 has password protected access to credit card information if we need to access the Linkpoint server.

We apologize for the credit card issues that some of our customers encountered but it's unfair to crucify us without knowing the entire story of what's going on.

2) Multiple shops
Our primary site is at www.ncsxshop.com. When it was developed, the database format was not compatible with our older shop. So, we decided to keep the two shops up for the time being.

3) Last minute price changes
We understand that it isn't fair when it happens but we're based in the USA and we have less control over what happens overseas than if we were located in Japan or even Hong Kong. We have considered starting a branch in Tokyo but in the end, the costs of maintaining an office and staffers in Japan wasn't financially sound. The last minute price changes don't happen often and may occur 2-3 times a year on limited distribution items beyond our control. If a supplier warns us in advance that there is a very good chance of a shortage for a product, we will not stock it since it's not enjoyable to contact customers and alert them of unavailable stock or higher prices.

4) Regarding the following message from DreamerNL which is captioned below:
"I've had some really bad experiences with NCSX. Charging for orders I did not make, nothing arriving, even threatening to charhe my CC card!!!!
stay far away from them!!"

What is your name and what are the dates of the transactions that we charged you for orders that you didn't make? We'd really like to know since the only time an order is processed is when a customer submits an order on our shop or calls an order in.

5) In Closing...
We process hundreds of orders daily and we understand the need for security. Again, we apologize for the problems that some of our customers encountered but it's unfair to accuse our company of being behind the credit card issue as some posters here have intimated. We've been in business for nearly two decades and we've seen a lot of our competition come and go. We used to supply a lot of shops in the USA including Diehard Game Fan stores when the import market was much bigger than it is now but nearly all of those shops have either closed down or changed their business entirely.

We understand that new customers might not know about our history in the business but we're hoping that people won't jump to conclusions and judge our entire company without first contacting us. Thanks for your attention. I'll be glad to answer any questions.

My question to you is this: can you explain how several people from different locations all had fraudulent charges on their credit cards shortly after putting their credit card info on an order at NCSX? It's too large of a coincidence for us to get simultaneously ripped off within the same short time period after ordering from the same place. I have never had any issues with fraudulence on my debit card, and seeing as how a few other people had the same issue after buying the Mario Galaxy OST it leaves little doubt in my mind that somehow these charges came from information passed on because of those transactions.

That's great that the server passwords were changed, but that doesn't make me feel any less uneasy or comfortable buying from NCSX again. As I pointed out before, it's too large of a coincidence for these charges to be just that. If there was no hacking found, that means there's a chance that someone from within either NCSX or Linkpoint had access to this information and could have potentially used it. I'm not sure if there are records kept on the NCSX or Linkpoint servers, or what have you, but despite the products that NCSX offers I am not comfortable shopping there from here on in.

Zane, I can't really know what happened one way or another but, right now, credit card fraud is rampant. Many of us here would buy from similar online stores, ncsx being just one of them. It makes sense to look for a connection but it is entirely conceivable that it is actually a coincidence.

But if you look for a connection in places where people all buy from the same batch of stores, it could give you an incorrect match.

But, like I say, I can't know one way or another.

Hello, thanks for your message. As mentioned in our original message, there's only two senior people within NCS who has access to credit card information if it needs to be accessed on Linkpoint. This is a strict policy guideline we follow since employee turnover can be a security concern if not managed properly.

Linkpoint is a fairly large processing company which is a subsidiary of First Data Corporation. We're fairly certain that no one at Linkpoint would compromise customer data. You're asking us to explain how the data may have been compromised but I can't give you an answer that's 100% accurate. If Linkpoint stores transaction data on magnetic tapes within a certain timeframe for immediate backup or transfer to a storage facility, can the data on that tape be appropriated and/or intercepted by a third party or an intermediary?

It's possible but we don't know for sure. There are other possibilities but we just felt it was unfair that we were being judged prematurely about a very serious problem. We're consumers too and we're wary of using our credit card information online but we've taken steps to ensure that our sites are secure and safe for our customers.

Just to clarify again, no credit card information is being stored on our servers. The billing data is sent directly to the credit card processing company. That is why a customer has to type in his/her credit card information each time an order is submitted. It may be less convenient for the customer during checkout but it's also a security feature. The only information stored online is the customer's shipping information, email address, and telephone.

Thanks for giving us a chance to give our side.

I'm just going to go out on a whim and say that NCSX is probably not at fault here.

It may look like it wasn't a coincidence but I'm pretty close to sure that these kinds of problems are always with users.  If NCSX's credit card information really was compromised, there would be more than ... 2 ... people who had compromised account information.

2 is not a trend.

There are at least three of us that had charges within the same time period. I'm sure you would feel differently if it was your information and your financial safety that was at sake and you had to freeze your account because you were afraid that your money has been compromised. Otherwise, it must be easy to skim over our original posts and just assume it was me and Joe that had the issue.

Show me proof that NCSX is at fault here other than a random coincidence that 3 of you had an issue.  NCSX probably handles hundreds of transactions a day, even 3 of those does not strike me as a coincidence or a trend.  NCSX has gone out of their way to post information about how they handle transactions -- which is far more secure than can probably be said for ANY of the overseas sites we use on a daily basis with the exception of paypal, ebay and amazon.co.jp.  If two people in the entire company have access to payment information then the likelihood of your information being compromised by those two individuals is not impossible but it's highly unlikely.  The information isn't even stored at their site, and if someone at Linkwhatever compromised an entire tape full of credit card information, there would be more than 3 rogue transactions.

Assuming I had a need to order something from NCSX, I wouldn't hesitate with the information they provided in this post.

Dude, three people out of this community had issues. That's a very, very small percentage of the total number of people that order from NCSX. There's no way to tell what else could have happened, but how can you be so certain that there were no fradulent charges to people outside of STC? If every other person that ordered from NCSX in the past few months had no issues, then, yeah - I could (and would) see your point. But there's absolutely no way to find that out, and given the small community here compared to NCSX's total customer base I find it very hard to understand your unwillingness to contemplate the chance that this happened because of those transactions. But, like I said, this didn't affect you personally and I'll bet that if you had your shit stolen you would have a different attitude about it.

As it stands, by all means - order away.

And there's also a fourth person, if you want to include Qui-Gon's friend!  Sounds like more than a coincidence to me.

sup ratnuts@panix

There is a few other issues that need to be examined.  I do not speak with any authority on the subject.

1) For those people who did get fraudulent charges after ordering Super Mario Galaxy, did you use your cards for anything between the time you ordered the album and when the fraudulent charges were made.  If you did use your cards, then the possibility exists that the fraud was committed somewhere else.

2) For those people who did get fraudulent charges after ordering Super Mario Galaxy, did you use the cards shortly before ordering the album?  The fraud could have been committed there and it would take a while for the charge to post to your account.  The fraudulent posting could have made it look like NCSX committed the fraud.

3) Given NCSX's description of the processing flow, it is still possible for Linkpoint to have been compromised.  There has been several news article about breaches at these banks, processing gateways, etc., so the problem could still be there (see Bank of America, Choicepoint, etc.).  If NCSX continues to receive fraud complaints about this from other customers then NCSX will have to acknowledge that there is a problem somewhere in their processing flow.

If you use a credit card, it is easy to get fraudulent charges reversed due to U.S. banking laws.  Debit cards are not backed by these laws, so getting charges reverses is dependent on the card issuer's policy.

What I don't understand is the recurring proposition in this thread that if the fraudulent charges were the result of orders placed with NCSX, then necessarily NCSX is at fault.  How is the latter a corollary of the former?  If the breach occurred elsewhere in the fulfillment chain, then NCSX isn't to blame unless the source of the breach has some peculiar susceptibility and NCSX was or should have been aware of same.

Sorry, but I'm very confused - I'm confused how this tread got to this point. I really don't feel anyone pointed the finger at NCSX in a malcious way throughout this thread, or misrepresented that this was a more than a "theory," so I can't help but scratch my head why ppl are leaping to the defense of NCSX.

Also "Warning" is different than say a "Notice" in that it may not be 100% iron clad/true

If the transactions made at NCSX led to the credit/debit card info being compromised, whether it happened directly through NCSX or at Linkpoint or around the water cooler at the dispatching office, then wanting to fault NCSX or at least pointing a finger in their general direction should not be so hard to understand. And if this WAS the case - if it wasn't NCSX's fault in particular and it happened elsewhere down the road of the transactions - this is still a very serious issue that could potentially affect all future transactions through NCSX. If the compromise happened at Linkpoint, then there is the chance this could happen again to other people. NCSX changed their server passwords and had an audit that came up with no specific findings related to this, but that doesn't do a damn thing if the issue occurred outside of NCSX.

Everyone's acting like this is such a small little thing, like one person had a fraudulent charge and started blaming NCSX out of the blue because they placed an order there several months before. The facts are there, and it's really damn hard for me to believe that this entire situation that spans four people out of a small community is more than a coincidence. It's apparent that the people who think that my accusations are uncalled for are people that have never had their information, identity or finances compromised; I'm sure if you were in the position I was in or that Joe was in a couple of weeks ago you would be a little more sympathetic toward the situation. I have nothing else to say about this.

Wow, you like jumping to conclusions generally then.

Zane has every reason to be upset.  Depending on your credit card company, these things can be a major hassle to clear up.  In my experience, it hasn't been so bad, but I know that's not always the case.

The fact that several people from this community had these charges is strange.  However, this stuff happens.  Plain and simple.  People are out there who want this information, and they're going to get it from somewhere, regardless of how secure this or that is.  I doubt it was an employee, as again, they're based in a different location than where these charges were made.

So yeah, I'd be pissed in general, but not as NCSX.  If it's a good store, keep shopping there.  I think people are going to get your information no matter what.  It sucks, but it's the truth.

I never said that (a) posting a warning was inappropriate, (b) this is a coincidence, (c) having a credit card number stolen is a trifle, or (d) anger is an inappropriate response.  My comments relate only to the following line of reasoning:

"If they ARE the source of the leaked information, then I apologize for recommending them and am extremely disappointed in the failure of what has always been one of the most trusted import stores."

"Even if NCSX employees are not the culprits here, at the very least it shows that they're not taking proper measures to secure their site, and that's more than enough to convince me I should be taking my business elsewhere."

My suggestion is that even if you rule out the possibility of a coincidence, it's premature to assign blame.  If I were in this situation, I'd be fuming, too, but I might not be so quick to calculate a vector for my anger.

Okay, okay... what the heck is going on in this thread?  Sorry, I've been out of the country for 9 days and haven't been reading here.  I'm totally willing to give NCSX the benefit of the doubt, but I do see it as highly probable that the false charges came from the company they use for billing.  I think there's way more than simple coincidence going on when a friend and I both have our information stolen at the exact same time and the fraudulent charges are TO THE SAME WEBSITES.  You also have to consider that our cards have had -nothing- else in common as far as usage... I was in Japan for three years not using mine and he's been in New York.  The only online ordering we've both done was for this CD.  Regardless, I'm waiting to find out the result of the security audit, as I'm leery of ordering again until I find out exactly what happened.

NCSX has already stated that they had people check their e-commerce site and Linkpoint did a security check on their end.  Neither found anything suspicious.  NCSX, as a precaution, changed their passwords.  NCSX stated that only the owner and the accountant has access to their customer's financial data.  NCSX also stated that Linkpoint is an experienced processing company.

Since a few people from here received fraudulent charges after ordering and assuming that these fraudulent charges were not from other vendors they shopped with around that time, then people here pretty much agree that the breach is somewhere in the NCSX-Linkpoint workflow.

WOW! This is pretty serious, I was envious of those people that got their pre-orders so early from NCSX. Now I'm kinda glad I had to wait for Play-Asia, I've been checking my bank statements and nothing's wrong there. To be honest, I'd be livid even if I'd lost £20 never mind the $250 that Zane lost.

I just recommended NCSX to someone today! I hope this is just a small mistake, I bought my FFV and VI Advance games from them.

I hate to dredge up an old topic here, as I really have no evidence that my case is linked to this, but I just got a call from my credit card company today reporting that they noticed some odd charges in the last few days, and indeed, I hadn't made them. Fortunately I was able to work everything out with them and the charges have been taken off my account (and the account subsequently deactivated), but I immediately thought of this thread.

Since ordering the Mario Galaxy OST from NCSX, the only place I've used my credit card online was through Amazon.com, and my Paypal account which I've had for years. This is the first time anything like this has happened to me, and it gives me cause to wonder.

The transmission of your data from point A to point B is, and always will be, at risk. No amount of cyber security will ever change that. Yes, it may be that the source was directly or indirectly caused by ordering from NCSX, but I really can't see how anyone could hold them at 100% fault.

I'm not blaming NCSX or accusing them of any purposeful wrongdoing. I'm just saying it seems fairly obvious to me that this common point, between all these people who have had their credit card information stolen, cannot be mere coincidence. Yes, it could indeed have been any number of parties between points A and B that were responsible, and they may have been in no way affiliated with NCSX. There's really no way of knowing.

But like I said, I've done a lot of online shopping over the years, and this is the first and only time something like this has happened to me. If I eat at ten different restaurants, and develop a case of food poisoning after dining at one of them, I'm definitely not going back to that particular restaurant again.

.