3 comments

[ 6.4 ms ] story [ 19.2 ms ] thread
I have been without access for 4 hours now. I have been with Capital One 360 since they were formally ING Direct and this is the first major outage I have experienced with them. Other than today, I have had a wonderful experience with their web and mobile apps. They say they haven't been hacked, but there is no ETA on a fix and no information into the nature of the outage. I was able to use my debit card, so I assume the sky isn't falling - but unnerved to say the least.
I suspect something seriously bad has happened. From my Reddit comment on a discussion of this in /r/personalfinance:

--------------

I wonder if this is related to the mysterious email I got from them early this morning.

That email said that a $165 credit from "STRIPE VIA QB*2 8 9 DE" was posted to my credit card account on the 13th and the funds are now available.

This was quite unexpected since I have never asked for any kind of refund or charge back on my Capital One card, and I can't even figure out who could possibly be doing this. In 2017, here is my entire Capital One card usage:

• in-store at Walmart (many times)

• in-store at Rite Aid (once)

• in-store at Home Depot (once)

• in-person at an automobile repair place (twice)

• online purchase of event tickets from Ticketfly (once)

None of these were for $165, and I don't think any of the in-store merchants above use Stripe. Not sure if Ticketfly uses them or not, but my Ticketfly purchase was only around $50.

In fact, going back to the end of 2007 I have no $165 purchases on my Capital One card.

So I wonder if they have had some massive screw up (accident or hack) that has resulted in the wrong accounts being credited or debited, and so now they are down while they try to straighten it out. It just seems too much of a coincidence that I get a reported credit that I completely cannot explain shortly before they go offline for an extended time outside of normal maintenance windows.

UPDATE: I was able to get in and check my account. In my recent activity there was a week ago a $165 charge from the same vendor. The listing on the website gives a more detailed name:

  STRIPE VIA QB*2 8 9 DE WWW.QUICKBOOK CA 94043 US
The listing for the credit gives:

  STRIPE VIA QB*2 8 9 DE 877-887-7815 CA 94043 US
Googling that phone number, most of the hits are for people saying they have unauthorized charges on their credit card. A variety of cards are mentioned.

My conclusion: it was a fraudulent charge. Capital One figured out it was fraudulent before it showed up on my statement, and reversed it. Since people with other credit cards are reporting similar unrecognized charges, this suggests some merchant got hacked.