Wiggle Confirms Some Customers' Accounts Have Been Fraudulently Accessed

Jun 16, 2020
by James Smurthwaite  
photo

Wiggle has today confirmed that a number of its customers' accounts had been fraudulently accessed. The Portsmouth, UK based company is the largest UK online cycle retailer and also owns Chain Reaction Cycles and Bike 24.

Wiggle’s direct data hasn’t been hacked or breached. The issue has occurred where customers use the same password across multiple accounts. Fraudsters have been able to obtain passwords from outside of Wiggle’s network and they then scan the internet to find other accounts in which the password works for. At that point they have been able to access the Wiggle account.

As reported by road.cc, complaints about unusual transactions and data being changed have been dated back to June 12, including the below purchase of a Castelli skinsuit worth £237.50:

photo

Cyclist magazine also reported on a customer who had a £75 purchase on his account that was due to be shipped to Russia. The customer was later unable to access his Wiggle account after his password was changed.

Wiggle CEO Ross Clemmow today confirmed that a breach had taken place and issued the following statement:

bigquotesData security is of the utmost importance to us. We’ve investigated the isolated incidents where accounts have been accessed, and we understand a small number of customers’ login details have been acquired outside of Wiggle’s systems and some have been used to gain access to Wiggle accounts and purchases made.

We have taken steps to identify these compromised accounts and we will be individually contacting these customers. All impacted customers will be refunded. To protect our customers, all accounts will require the re-entry of card details for the next purchase.

We are aware that where customers utilise the same password across multiple websites, fraudsters with access to some details can feasibly use these to try and gain access to genuine customer accounts. We recommend our customers change their password if they have any concerns. We would like to assure our customers we’re prioritising all enquiries related to this issue.Ross Clemmow, CEO

Cycling Industry News is reporting that Wiggle customers will now be required to re-enter their card details on future transactions. It is recommended that Wiggle customers change their passwords immediately, especially if they use the same password across multiple websites.

Article updated for clarity

Posted In:
Industry News


Author Info:
jamessmurthwaite avatar

Member since Nov 14, 2018
1,770 articles
Report
Must Read This Week
Kona Bicycles' Parent Company Appoints New CFO, Intends to Sell Brand
64400 views
Downhill Bikes of Sea Otter - Part 1
45970 views
Randoms Round 3: Dario's Treasures
44203 views
Brian's Randoms from Sea Otter 2024
43852 views
Pinkbike's DH Fantasy League: Get Your Team On The Line - Fort William is in 10 DAYS!
39243 views
[UPDATED] Final Elite XC Results & Overall Standings from the Araxá XC World Cup 2024
38037 views
Randoms Round 1 - Sea Otter 2024
37972 views
Spotted: Frameworks Racing DH Bike with Electronic Fox Shock & Unreleased Enve Rims
37055 views
Sign Up for the Pinkbike Newsletter - All the Biggest, Most Interesting Stories in your Inbox
PB Newsletter Signup

77 Comments
  • 103 0
 No one has fallen so hard as Chain Reaction (and Wiggle) since Wiggle took over. Slow delivery, not particularly good deals, no longer a human phone service.
What annoys me the most is the amount of ‘out of stock’ listings even when you have selected otherwise in filters-even before C19.
For too long they have been complacent and its bit them on the arse.
  • 9 0
 If you live outside the EU you also get wild geopricing, an even smaller range and only 12% VAT removed.
  • 23 0
 Mate the out of stock thing really f*cks me off too, CC used to be my go to site for parts etc but now I don’t bother, I don’t even know where to go anymore!
  • 11 1
 I agree. I have placed about 15-20 orders with them over the years. CRC used to be a great deal, with fast reliable shipping to Canada. Now the prices are not much better than deals I can find at LBS, plus the shipping times have doubled or tripled with the low grade shipping service they now use. I have been waiting 3 months for my most recent order. It is almost impossible to speak to an actual person in their customer service department. The email responses are just stock emails filled with general information that any person with half a brain should already know. My days of ordering from these sites are most likely coming to an end.
  • 12 0
 Yeah everything is out of stock on CRC not what it was.
  • 15 0
 It's not just "out of stock". Shitloads of stuff is now "no longer available". If only they spent half the time working on their stock levels that they do bombarding us with emails telling us about the awesome deals on stuff that's, yep, you got it, "out of stock".
  • 3 5
 @McArdle: ummmm your LBS?.....
  • 7 0
 @Mattysville: My local is an Evans cycles which is now just a soulless void of road bikes.
  • 4 0
 Tdf they are not the only ones with the "out of stock clickbait" problem.
Many times I've googled something and found nice prices just to click on the link and found it out of stock or discountinued.
It's really annoying.
  • 7 0
 Yup, it's now several years since I last ordered something from CRC. It's good for everyone else, but a crying shame for all the people who work(ed) there and helped build it up.
  • 11 0
 Fully agree, was a big fan of CRC, however after Wiggle aquisition switched to the German websites; just because or multiple errors with website and outdated e-commerce experience;
  • 1 0
 @Fix-the-Spade: Were you one of those people?
  • 2 2
 @McArdle: because everyone went to CRC and Amazon a decade ago so the shops all went to shit.
  • 5 0
 @commental: yeah bloody annoying isn't it; the reason they do it is for search engine rankings. Notice how many smalls/parts/whatever Google searches will get good results for Wiggle, only to be "no longer available".

Thankfully in Australia we now have some good competitive local online shops like MTB Direct, Pushys and BikeBug.
  • 1 0
 @jammf: Yeah Pushys are pretty good. They do cheap and fast shipping to NZ. How do you rate 99 Bikes they just bought out the Bike Barn chain of stores.
  • 5 0
 @McArdle: i was the same, crc for everything unless merlin (my actual lbs) had it close to as cheap, but these days I rarely go on crc anymore, for me, leisure lakes and tredz are my go tos, they've really stepped their game up this last few years (at one point had a bit of a falling out with leisure lakes and had to get a bit arsey with them before they begrudgingly sorted it), they're pretty damn good with stock etc. Wouldn't touch Evans with a bargepole, ordered some 5.10 freeriders for the missus, in stock but it was saying delays possible which is understandable, paid extra for the priority dispatch, 8 days later got a refund for the shipping with the message 'it'll be 7-10 working days, 11 working days emailed them, 12 days they said they couldn't fulfil the order and refunded the money. That was 16 actual days after ordering, Friday at 2pm. Went straight on leisure lakes, ordered to same shoes at 2 quid dearer but free postage, we were expecting Monday or Tuesday, but no, Saturday morning there's a nock at the door. Evans couldn't deliver them in 16 days, leisure lakes had them with us in less than 16 hours.
  • 1 0
 @McArdle: Have not used my CRC account in years, just pay with paypal, but service really sucks since wiggle took over, how to take something good & offer shit service, but would bet I can no longer log into my own account?
  • 1 0
 @streetkvnt-kvlt: yes Pushy's are great, and in my experience their customer service has been top-notch.

TBH I haven't used 99 Bikes much so can't really say. There's a shop close to me that I've been into a couple of times which seems alright, although it looks like they cater more to the "casual" end of the market.
  • 4 0
 Couldn't agree more. Used to use CRC all the time but since Wiggle took over I've barely been able to buy anything from them. It's not that i don't want to, its because i can't - they've hardly ever got what i need in stock. A shame really as i really used to rate CRC
  • 8 0
 For me, once they stopped selling Shimano, the party was over.
  • 2 0
 @bj007: Sorry to hear that. It sucks. For some reason, we're still getting great service here to the States. The inventory shortages are still an issue, like everywhere in the cycling world right now. But I'm still getting really fast delivery with CRC using DHL as the carrier. IDK?
  • 1 0
 @nickmalysh: JensonUSA mate, or check out Universal Cycles!
  • 1 0
 @jfyfe: Shimano EU makes a embargo since summer 2019, "We would like to inform you that starting on the 01.06.2019 we can no longer offer Shimano products in select countries. The reason for this are changes to the sales concept of the manufacturer. Sadly, we are required to follow these changes. - Bike components de
  • 2 0
 @jammf: Some NZ online retailers could take a page or two out of Pushys book and learn something new. 99bikes seems like it's casual to low end. Bike Barn while a chain that catered from low end to casual, also dealt in some high end. Carbon Kona Operators, Top end Merida eMtb's and mid to top end enduro bikes to name a few. 99bikes will probably have to up their game if they want to survive in NZ.
  • 2 0
 @jfyfe: We must've left that party at the same exact time.
  • 2 0
 @streetkvnt-kvlt: Haha. You just reminded me of when I visited a Bike Barn in Hornby earlier this year. I was after some chain lube. The guy asked me if my bike was FS or hardtail. I asked him to explain what possible difference that could make to which chain lube I should purchase. His face was a picture.
  • 1 0
 @commental: That's so bad I almost feel sorry for that guy.
  • 92 0
 How embarrassing to have your 'speed suit' purchase bounded all over the internet I'd deny it too, and I wouldn't be able to show my face around Tottenham for a while
  • 10 0
 To be fair, if you wore that in public nobody would be looking at your face.
  • 9 0
 To be fair
  • 53 0
 Wiggle ruined CRC to the point I don't even visit the site anymore.
  • 19 0
 I agree, used to buy alot of stuff from CRC then came the SRAM/Shimano restrictions and I was still loyal, then they switched from DHL to some shit company that takes weeks instead of 4 days. And now the import prices are so high it's not even worth it like hey we have $50 Sam hill signature bars but the shipping and import fees are $100 bucks lol .. I buy from jensonUSA now 3 days it's at my house not screwing around
  • 3 0
 @cyberoptixs: Was about to say somemthing similar ... I think I made my lasts orders to CRC ... bought some tires and I know it is partially UPS fault, but it took a month and a half to get the order re-shipped, only to receive both order a day apart. about 20$ tax and duties + 9$ shipping on a 50$ order... Expecting the same ratio or less on taxes and duties (why would that be different), now 70$ taxes and duties on a 150$ order ... and part of it is coming in a different package, so I expect to pay another 20$ duties ... that's not so much so good of a deal now. Will encourage LBS now.
  • 7 0
 @cyberoptixs: Totally agree. Poor communication and average customer service. At checkout, you select "free" shipping with Canada post and yet they ship it with some sketchy outfit who charge duty AND brokerage fees. Paying duty is expected but the brokerage fees are not cool when you select the free shipping option.
Jenson USA all the way!!
  • 3 0
 @okidou; @cyberoptixs Same here, still waiting for my last order placed May 7th... and it will be my LAST order! Free shipping with DHL was great, super fast and the amount they charged was the equivalent of the taxes. But now with Skynet it's a nightmare! I have been charged 100$ taxes and duties for a 235$ order, which is insane, and I'm still waiting.
Just found out last week that my LBS now offers free shipping on 50$ or more orders and they put all their stock online since the pandemic.. will order from then now!
  • 1 0
 @JoschRTE36:I refused to pay skynets rediculous handling fees,wiggle ignored my questions about skynets additional charges. I settled it thru PayPal and got my money back.never will I order from wiggle or crc again.
  • 1 0
 Yup. Ditched CRC for Jenson too. Great service. This is also not the first time this has happened to Wiggle either.
  • 1 0
 @cyberoptixs: Sorry to hear that mate. For some reason they're still using DHL to the States and I get my shit super fast and in great condition overall. Weird...
  • 2 0
 @mybaben: I used to get mine DHL all the time then everytime I got Skynet which when you look up reviews they are a 1 star shipping company, as of lately I bought a set of onza tires from them and the side walls delaminated and CRC won't warranty them for whatever reason even though Onza said for me to warranty them thru CRC.. just tired of getting jerked around
  • 1 0
 @okidou: word!
  • 26 0
 He's trying to wiggle his way out of the skin suit
  • 3 1
 You beat me to this comment, AIRSPEED!!
  • 23 0
 Never, EVER, let a site store your payment info. These days it's no longer a question of if, but when a site will have a breach.
  • 4 0
 This. Assume your data will be stolen and some point and take the appropriate steps to minimize the impact when it happens.
  • 3 0
 Yes!! Paypal that shit one transaction at a time!
  • 4 0
 Was gonna say this - never store card details on a website or even in the browser. Use a password manager too so you can use a different password for each site without having to remember them all, and make them a random string of characters.
  • 1 0
 But they didnt have a breach. Some numnut used the same pasword for lots of different sites.
  • 16 0
 Wiggle sucks.
  • 7 0
 How did Wiggle ever manage to take over both CRC and Bike24 when it is arguably the worst company of all three? Since they took over, lots of stuff on CRC is constantly out of stock, and the stock listing is exactly the same between Wiggle and CRC (and I assume Bike24) so might as well not have the individual store fronts.
  • 2 0
 bike24 stock is a bit different from crc/wiggle, I think they are still kind of independent while crc is just wiggle but a different logo.
  • 5 0
 Riverside bought back Bike24 in 2019, after selling Bike24 to Wiggle in 2017.
  • 1 0
 Was not wiggle, but was their parent company that bought CRC, so just some richie rich type may be, But a shame that CRC went down hill so fast!
Funny that good successful companies make it big & some rich person that does not need any more money tries to manage that success, does not work, other example would be Santa cruz?
  • 7 0
 I remember researching "the best mountain bike forks of 2020 and looking at reviews on BikePerfect.com, and down below there were ads from amazon, wiggle, etc. wiggle claimed that you could buy a Fox Factory Float 40 for $459 (I am looking at my old emails to make sure I got my numbers correct)

Common sense cries "Bullshit!" when all of the other ads for the same fork are over $1500, and so just to see what thet were really selling, I clicked on the ad. It took me to a page for a rear shock, not even a fork, and while the shock was $459, I checked the price on the Fork they showed in there ad and the actual price on there website was $1719.

My mom has a degree in advertising as likes to tell us all about marketing schemes and advertising strategies, so, being P.O'ed (pissed off) I wrote them some polite hate mail, demanding they fix their advertising.

The first thing they did was send me this:

"Hello

Our customers are what make us tick. We only recommend products that we would use ourselves and we won’t be beaten on price, but how was the Wiggle experience? All feedback, whether good or bad is always warmly received so we can take steps to continue to improve or rightly give a pat on the back for Team Wiggle.

Your feedback here is most appreciated and we will take this on board and raise with the appropriate teams.

Thank you for taking the time to pass on your experience and we hope that we can continue to meet – if not exceed - your expectations."

I don't want to be placated! I want them too be honest! I sent them another email pointing out what they were trying to do,and they agreed to fix that one ad, but that they couldn't fix all there ads on other websites because there were too many.

Anyway, I wouldn't buy anything from 'em. I would rather support my 4, 5, or 6 local bike shops. Wiggle Stinks.

Thanks for listening to my rant, peeps. Have a lovely day
  • 6 2
 Thats a cool story bro
  • 3 1
 @onemind123: I can't really tell if there is any sarcasm in there, but thank you OneMind (cool name, too) Smile
  • 9 1
 That sucks. (I mean having a business named “wiggle”). Sorry about the great spandex tragedy.
  • 7 0
 I don't even have a Wiggle account and got an email that my account got hacked. So, the hacker who stole my email to make an account got their account hacked.
  • 8 5
 "it is recommended that Wiggle customers change their password if they have any concerns. "

Hey Wiggle - should I be the one with concerns?

YOU store personal information, including payment details, YOU get breached and I'm the one who needs to take action, "if I'm concerned"?
  • 8 1
 Ummm... Yes!? Should someone else be responsible for you? Your account? Your finances? Your chosen level of protection of your personal info?
  • 8 0
 @JDugan: A proactive company would send out password reset emails to everyone affected. Perhaps even lock accounts until the owner verifies.
  • 3 0
 @boozed: not to defend Wiggle, i think they are a shit company, but "Cycling Industry News is reporting that Wiggle customers will now be required to re-enter their card details on future transactions"
  • 4 0
 This is especially awkward when you have 20 Wiggle accounts to keep using the new customer codes...
  • 1 0
 Only 20 Wiggle accounts?!
  • 4 0
 If you wear a skin suit everyone can see your 'personal details'
  • 1 0
 Well played Sir... A spitting coffee moment achieved. lol
  • 4 0
 He should get a complimentary skin suit for the inconvenience.
  • 18 0
 That would be a punishment. Way to kick a man when he's down.
  • 1 0
 This exact thing happened to me and to give credit to wiggle they handled it very well. Froze my account until my password was changed and refunded the money instantly. All done quickly and professionally.
  • 2 0
 Personally I think this is Castelli trying to increase sales of skin-suits. But thats just my 2c.
  • 2 0
 I thought I was the only one who thinks both suck. No deals and everything is out of stock all the time!
  • 1 0
 Kobi who is Sales and Marketing for Castelli, is also selling those skin suits in the clothing section of PB :X
  • 2 0
 Wait wait wait. This guy works for the brand who's product he's helped plaster over all the major cycling news websites? So a strong possibility this is all just clever (and risky) marketing?
  • 1 0
 Anybody know how to actually delete Wiggle or CRC accounts ?
  • 2 1
 What is Wiggle?
  • 1 2
 Could make a good use of www.spirent.com/go/cyberflooddba
Below threshold threads are hidden







Copyright © 2000 - 2024. Pinkbike.com. All rights reserved.
dv65 0.037048
Mobile Version of Website