Monday, February 18, 2013

Big Projects (and a bit of a vent about KnitPicks)

I’ve got a couple of big projects on the go right now, which doesn’t make for interesting blogging fodder. Sure I could post a nice step by step tutorial of my projects which would give me regular posting material, but sadly I’ve got a lazy streak that prevents me from taking that approach.

In the past few weeks, I’ve made some good progress on my quilt. I’m just about ready to put on the final border that will finish the top. Here are the border pieces working themselves together.

Here is the rest of the quilt top in its current state.

When I’m not sewing, I’ve usually got my butt on the couch watching TV and knitting (that’s the lazy I spoke of.) I’m working on a lace cardigan that is coming along nicely, albeit slower than a pair of mittens or socks.  It is difficult to find a good way to photograph lace in progress.

And now on to KnitPicks…

If you’ve been reading my blog you will know that I am a huge fan of KnitPicks. I love their website, love their catalogue, love their prices, consider their quality acceptable, and respect that they give independent designers a professional sales outlet. All that said, my KnitPicks shopping days are now behind me. Here is my vent, to tell you why.

On February 2, my credit card was used fraudulently. If you know me well, you will know I’m obsessed with our finances, and check my bank statements on a daily basis. I was checking our accounts one night when I noticed that someone had been doing some shopping down in Florida. While I wished it was me, I knew I was stuck in Ontario, in the midst of a Canadian winter. My husband immediately called the bank, and they identified that the fraud occurred on my card, not his. (Darn – he’s been enjoying that part of the story way too much!). The bank asked if I do any shopping online. I said, “only KnitPicks and they couldn’t be the problem.” So, my credit card was cancelled and I waited a week or so for a new one to arrive. We’ve had to cover the charges on our card, for purchases we didn’t make. I’m certain the bank will reimburse us, but we haven’t seen the money from them yet, so as of now we are out $564.

Since then, we’ve been wondering where my card might have been left vulnerable… until this weekend. Thanks to the wonders of social media, I discovered that KnitPicks unwittingly disclosed their customers’ personal info including names, credit card numbers, home addresses and phone numbers. They discovered this error on January 25, when they filed the necessary paperwork, but did nothing to notify their customers. They claim they do not store customers’ credit card info, but clearly they did store the info and left it vulnerable.

I have no way of knowing if the KnitPicks breach was responsible for my case of fraud, but judging from what I’ve learned this weekend, it seems highly likely. Social media has been alive with discussions of the KnitPicks situation. Twitter, Facebook and Ravelry, have hundreds of knitters stepping up to say the cards they used at KnitPicks had to be cancelled due to fraud. In all cases it was a similar pattern of small charges being made that added up to several hundred dollars.

The folks on social media all shared the same thoughts that it was appalling that KnitPicks did nothing to notify their customers and continued to stay silent in the midst of all the social media conversations. Eventually the President spoke up last night and posted ablog addressing the matter. Well, he addressed the matter for US customers, but did not make any mention of customers from Canada, or other countries. This, of course, caused more stirrings, so eventually he updated the blog post to say that letters of notice will be sent to Canadian customers.

While I understand that fraudsters can attack any company and KnitPicks is one of the victims of this fraud, I can’t stand loyal to a company that handled the situation the way they did. They stored my information unsecured; when they discovered this, they stood silent. If they would have told me about my card being compromised on Jan. 25, I would have cancelled it and it wouldn’t have been useable on Feb. 2. The fact that they are just now getting around to producing a communication to their Canadian customers is just rubbing salt into the wound.

I’m sure KnitPicks has learned from this lesson and will be secure in the future, but after this experience it seems stupid to willingly give my money to such an irresponsible company. Sadly, I will shop KnitPicks no more.

(Meredith – this means more in-person yarn shopping is in our future!)

No comments:

Post a Comment