Hacked credit card/Marley's

Has anyone else ever had a credit card hacked after using it at Marleys in Hackettstown? This is my second time in a year.


Almost positive this was where ours was hacked last year as well.

joyful joyful
Nov '15

I will never go back


I've used mine there Numerous times for years, and never had an issue. That's a pretty serious accusation, and should have some proof before you post it in a public forum.

Denis Denis
Nov '15

I completely agreed with you Denis until the second post of this thread...

brown bear2 brown bear2
Nov '15

I "second".
I would completely trust what joyful says.

happiest girl
Nov '15

Two times in one year seems a bit suspicious?


if joyful says it I agree

Skippy Skippy
Nov '15

The only transaction that your card is out of your sight is a restaurant - but really how long is an employee going to last stealing credit card #'s?

That is like 2005 thinking - when there are websites you can get a hot card number instantly for a few bucks...more likely you have a virus on your computer...

But defame Marley's at will...did you ask your credit company where the charge was made from?


I agree with RU. 9/10 times it is not the retailer. It is the clearinghouse that processes the card. Do your research before throwing someone under the bus.

CraftBeerBob CraftBeerBob
Nov '15

True, more often the card number is not stolen by a person in possession of the card but electronically. However, the numbers are not usually stolen from the servers of the companies/banks that issue the cards, or even from the main servers operated by the card companies (like Visa).

Most restaurants (and other vendors) use a smaller company which processes the card transactions, and they keep a record. The vendor also keeps a record, either on its own computer system or on cloud storage. And many vendors back up their computer systems through other companies or through cloud storage (in case their own computers somehow lose the data). Those are the weak links from which hackers sometimes steal info.

It is not uncommon for hackers to steal info from purchases made from a particular vendor or group of vendors, through one of those weak links. Thus, it's possible that several customer's at Marley's have had their accounts hacked, but without the knowledge of anyone at Marley's. Therefore, bringing this to the attention of others--AND to Marley's--is actually a good idea. Perhaps it will be investigated and a breach of security found. However, it might be a better idea to contact the owner/manager of Marley's, first, before posting about the place publicly and negatively.

JerseyWolf JerseyWolf
Nov '15

Your missing Joy's words "Almost" certain" is different than "Absolutely" certain. Before the HL "bash" a company starts, stop and think first. Joy did not accuse. Others interpreted it that way.

auntiel auntiel
Nov '15

Auntiel...you have mail...

joyful joyful
Nov '15

joyful...ditto...

auntiel auntiel
Nov '15

Auntiel read OP. That is pretty absolute to me.

CraftBeerBob CraftBeerBob
Nov '15

I've known a few cards to have charges made to them after using their cards at Marleys. Someone who is a regular there said an employee got caught a while back. It's all hearsay.

What I do know is my husband had tipped a bartender cash and she added a tip on his card after. He doesn't care about things like that enough to complain since he was in the service business years ago but was sort of shocked and showed me. Now we only use cash there.

An on An on
Nov '15

As someone who has done PCI security audits and investigations it is most likely the POS system that is compromised or a bad employee that skims - I have seen numerous complaints about both Marley's and the Lukeoil gas station on Mountain Avenue - I love Marley's don't get me wrong - but I always always paid in cash there.. It is not necessarily the fault of the establishment either - cardholder data is easily comprimsable any time you hand someone your card.

Skippy Skippy
Nov '15

I've used my card there for 30+ years. Never had any problems.

MikeL MikeL
Nov '15

thx for the info skippy and good advice. the Lukoil has been closed a while now - the one across from Raceway right?

I don't see this thread as bashing Marley's ownership or their food in anyway. I'm sure it's a fine establishment. You can't watch all employees all the time. If something was wrong with the POS system and there are have been multiple complaints, I would hope that ownership would get it fixed, get a new POS system - or at least alert their customers to get in front of any perceived problems with employees.

brown bear2 brown bear2
Nov '15

yep that was the one Brown Bear2 - its often too late before the clearing companies or banks let the merchant know - its often a month or more down the line unfortunately

Skippy Skippy
Nov '15

We and 9 other customers were hacked at Marleys (about 2 yrs ago?) On St Patrick's day.

Funny lady Funny lady
Nov '15

@JD. If you did in fact get your card stolen at Marley's it is most likely not their fault as they are probably a victim of hackers if it did happen there. Have you ever purchased anything at Home Depot, Target, KMart, TJMaxx? Those are all stores that also got hacked over the years. It is almost like saying that you will no longer do business with a bank that has been robbed before even tho your money is safe.

I happen to work for a technology company that Point of Sale systems is one of our product lines. We invest very heavily in security and it is always a cat and mouse game. we have had our systems hacked as well and all you can do is work with the authorities ( Local Police, Secret Service) to help them catch the bad guys which only happens about 50% of the time.


I haven't been to Marleys in a long time but hopefully they have upgraded to a chip card reader. If not, please contact your merchants services provider and request one - not just for the safety of your patrons but for your own good.

For all HL readers, if your bank has issues your a chip and pin or ship and signature card, use it! Swiping a chip and pin has no added benefit, but when you insert the chip into a machine, it generates a one time use token that represents a credit card number and while not impossible, severely decreases the likelihood of illegal usage.

Tap to pay, like apply pay and android pay, also generates a one time use token and is much more secure. Breaches like Target and Home Depot probably would not have happened if the US used chip and pin.

Anyone interested in learning more should talk to their bank/credit card company about Chip and Pin / Chip and Signature which uses a technology called (EMV). If you are a merchant, you should definitely upgrade to a chip reader (You may be liable for fraud at your shop!).
And if your bank hasn't issued a chip card, you you make sure to request one. And use it, don't swipe your card at places like walmart when you can use the chip.

alpha1beta alpha1beta
Nov '15

Agreed to both - unfortunately the new chips are expensive for merchants and processeors and cut into bottom line but are essential for protection of CHD

skippy skippy
Nov '15

Pretty soon liability will fall on the retailer if the card has a chip and they swiped it or don't have a chip reader. This will be a big paradigm change in who pays for unauthorized use. Abroad they have had chips for years and use pins as well on credit cards. Only Target is doing that now (poor Target but they are doing it right going forward)...


The point I was trying to make is that you cant blame the merchant's, in this case Marley's. If it was an employee that skimmed the card I am all for blaming them, but most of the time this is not the case.

The majority of the people still don't have EMV/Chip cards. The US, doesn't have Pin & Chip, only pin and signature which is only half the answer.

Europe already had hackers fake the Pin & Chip cards,although now fixed, it will always be a cat and mouse game between the good and bad guys.


The point is ..... Marleys has had more than enough time to do something about the problem and yet it still continues to happen. Let's face it they are not a Target store with thousands of people buying at the store every week. They are a small town restaurant with the same patrons visiting often. Believe me they are well aware of the problem! Btw I do have a chip on my credit card. Marleys does not have a reader.


" Have you ever purchased anything at Home Depot, Target, KMart, TJMaxx? Those are all stores that also got hacked over the years."

Incorrect. Their payment processor (Heartland) was breached. As stated upthread, that is the more likely scenario here also.


@Whip

Where are you getting your information from? Home Depot AND Target were direct breaches. Try to get your information fro the right sources. Malware was installed on their POS's by exploiting a vendor's account into their system. A very simple Google Search will give you the following articles:

Target: http://www.computerworld.com/article/2487425/cybercrime-hacking/target-breach-happened-because-of-a-basic-network-segmentation-error.html

Home Depot: http://www.infosecurity-magazine.com/news/home-depot-breach-third-party/


@JD: Has had more than enough time? That is the farthest from the truth. 50% of the networks that accept credit cards in the US today still cant accept EMV through POS terminals because those POS terminals are not certified and CC Processors have a backlog of about 14+ months. Gas stations still cant accept EMV/Chip Cards, Home depot although has had the readers for over a year, as only started forcing Chip/EMV on the cards over the last couple months. You know why? Because the networks haven't been ready.


Ijay it is not pretty soon. Retailer is now liable.

CraftBeerBob CraftBeerBob
Nov '15

So I just had dinner at Marley's. Paid with aa credit card. If it gets hacked, I will just call Discover and ask for a new card... Chips, swipes, I don't care. No risk to me.

Maybe I'd be worried if it was a debit card.

Mark Mc. Mark Mc.
Nov '15

The liability shift was on October 1st, 2015.

Please, if you don't have a chip and signature card call your credit card company and ask when they're coming. If you're a business without a reader, call your merchants services provider. I really can't stress that enough.

The easier way I've heard of to "hack" a chip and signature card (In person), is to make multiple swipes while you have it in your possession, such as a backroom.
Because your card number never leaves your card, its almost impossible to reuse a card number, by the store, or the payment processor. If you are worried about a thing like that, set up text or push alerts with your bank's app for any purchase and you'll know right away if anyone double swipes your card.

alpha1beta alpha1beta
Nov '15

Mark nailed it - that's why nobody cares - the liability is Shifted to the merchant which results in higher prices unfortunately

skippy skippy
Nov '15

So much misinformation here.

CraftBeerBob CraftBeerBob
Nov '15

I'm just seeing this thread, but I took my son out for wings at Marley's in mid-November, first time I'd been there in 5+ years. A week later, my cc is hacked by someone in Brooklyn who is going crazy for fast food, footlocker, cigars, and jewelry. Thousands charged!!! My cc company erased it all, but kind of a mess.

Coincidence??? Not so sure after reading this post.

Bikester Bikester
Dec '15

Week later? I am assuming that you did business in the days and the day of? I have cross-referenced one business on the West side of town where 2 CCs were hacked over one year. No issues since then. I will not name the store, but it is common for a low paid worker to swipe cards for an easy $10 each. Chips will help, using the magnetic strip is too easy to clone.

Also, set your credit card accounts online to send notification for any dollar amount transaction (depending on the bank it is $.01 or $1). This way you can stop them from buying too much even if it can be reversed this fraud is paid for by the customers (high interest rate, late charges, etc.)...


Actually ijay fraud is not paid by customers at all, it's paid by the stores where the items are charged, the banks don't eat anything they actually make money on fraud by charging the stores a $25 fee on top of the reversed charges. I had a retail electronics business for many years and dealt with this on a ongoing basis. I would get orders online I knew were fraudulent and I would try and alert the banks, but they really didn't care because it was no loss for them. Whenever things were tracked down it was almost always some type inside the bank, or credit card processors theft of information.

Denis Denis
Dec '15

Actually the banks eat some too and only the credit card companies escape with just the cost to replace the card.

Like Denis said, small business really takes it on the chin not only for the lost merchandise but if the don't reimburse the bank they get black listed for processing credit making them consumer unfriemdly. Its a double whammy. Unlike large cocerns the money and blacklisting can kill a small business. Seems unfair.

Strangerdanger Strangerdanger
Dec '15

The banks don't ask for reimbursement, they just take it from your batches, + at least $25.00. There is nothing voluntary about it. Again the bank eats nothing, they actually profit from fraud, and the small business owner pays the price. It would be pretty much financial suicide for any local small business to allow credit card fraud to knowingly take place. Too many chargebacks, or fraud tied to one place and you will be forced to a cash only business.

Denis Denis
Dec '15

Anyway, no need to compensate criminals more than the bare minimum...


http://www.nerdwallet.com/blog/credit-cards/merchants-victims-credit-card-fraud/

I read it here Denis.

Strangerdanger Strangerdanger
Dec '15

I am explicitly involved in PCI 3 compliance and will argue anyone on the subject with the guidelines and compliance initiatives - the merchant absolutely eats it

https://www.pcisecuritystandards.org/security_standards/

Skippy Skippy
Dec '15

100% right Skippy, the article is totally misleading. I've processed millions of dollars in credit card orders over 20 years, and when I was in the consumer electronic field fraud was an ongoing issue. I could have a name match, address match, CVV code match delivery confirmation, and if it gets contested I'm out the money and $25.00 penalty to boot. Sometimes I would get orders that were so clearly fraudulent, I used to try and call the bank to alert them, and I would get switched from one rep to the next and put on hold forever, they really don't care until the the cardholder calls, they still get there fee's.

Denis Denis
Dec '15

Skippy. Can you help explain why banks and processors did not go to chip and pin technology and they only went with chip?

CraftBeerBob CraftBeerBob
Dec '15

No matter whether banks suffer losses or not, it's the retailer that gets hit the hardest and the small business that feels the worst pain.

Here's some horror stories but note the "When fraud occurs in a face-to-face transaction -- at a department store or gas station, for instance -- the issuing bank shoulders the loss. Police say many banks find it easier and more cost-effective simply to write off such losses than to spend the time and resources pursuing the culprit, especially if the amount is less than $2,000." http://www.wsj.com/articles/SB105173975140172900

So the bank is initially out the money, that's a cost. And most often the bank turns to the merchant for reimbursement, but not always. Even if fully reimbursed there is a cost. Also, some credit card fraud is cash only. Lastly the bank re-issues the card, a cost albeit small one.

No need to beat me up on this one, I really don't care that much but only pulled a link because I couldn't believe the merchant ponied up. And no matter what the bank puts up its a pittance against the merchant's loss who apparently is guilty technically for not exercising due diligence like checking signatures for matching. In my case that would be laughable comparing doodles to doodles.

Makes me wonder why merchants are so nonchalant about credit cards. I have signed the backs of I don't know how many cards right at the register at the merchant's request. No problem starting with an unsigned card. No one has ever asked for my picture-license to confirm identity. My signature for purchase can be Donald Duck, no one at the store cares. That's the main reason I was flabbergasted to see that they ponied up for fraud --- the actions just don't seem to match the result.

Likewise, my credit card company seems to develop anti fraud software like mad. I don't know how many times I have gotten the call, did you charge this? Usually for minimal amounts in other states no doubt as test cases to see if the number was good. But I travel a lot so I am weirdered out how they know when it's me and not me. It's like they can see the plane tickets and hotel charges..... If it's no monetary skin off their nose, why do they bother? Reputation?

Can't wait for the chip though. I am getting tired of getting new cards. Especially since the auto payment process is manual and does not transfer from old card to new so I have to close out the auto pays and restart them manually. Used to be automatic but they "fixed" that. Also lost the ability to link old accounts to new so I have to ask politely for archive information. That's what I pay for credit card fraud :>(

strangerdanger strangerdanger
Dec '15

SD - One of the big issues is that even if your new card has the chip, many businesses are just saying they'll never support it. Been to two local businesses recently that have the right hardware with the chip slot in their card readers. But went to use it and they said "oops, that doesn't work" and "we don't know if it will work let alone when".


My latest Target card actually has no magnetic strip at all on it and uses chip and pin technology.

strangerdanger - if you'd have come to one of the R & S Strauss stores that I managed, you bet you'd have not only been asked for your license, then we'd have watched you sign it and compare the signatures, especially with the old licenses with no photo. I realized the importance of doing that after reading the details from the card companies and our loss prevention dept. tried to make sure everyone followed procedure. If a customer ever had a problem, the cashier was to immediately page me and I'd make sure the customer was taken care of properly.
The card itself is the property of the Credit card company and their instructions were that you had to sign it upon receipt to protect against fraud.

I had customers that didn't sign because they'd forgotten, but others claimed that they weren't responsible if they didn't sign it. I told them that only made it easier for a thief, since they could sign the name on the card in their own handwriting and nobody would be the wiser. Signing the card helped protect against the time and trouble to report the card, get a new one, fight any charges on there that weren't your own. "It was stolen BEFORE that TV was charged to it, not after." The store could go after them for any losses because the customer didn't sign the card on arrival, hence they "enabled" the fraud to be easier to take place.

Phil D. Phil D.
Dec '15

Truly awful that you would drag this business name through the mud. There is an issue in Hackettstown in general, not just Marley's. I have frequented that bar for the past three years and I have never swiped my own credit or debit card when purchasing food or beverages for myself, I ALWAYS pay cash. AND YET, my card information has been breached twice over the past year. Online and mobile purchases, gas stations, small convenience stores, large retailers... Heck, they have devices that steal debit card information when you simply WALK NEAR THEM. Shame on you for unnecessarily slandering a local business run by honest people.


I refuse to use my debit or credit card in any Walmart ever again. Three times my card has been hacked and it has always appeared to be to do with Walmart

Mommyof3 Mommyof3
Dec '15

Victim here as well. My credit card company just called with questionable charges from the White Plains/Bronx NY areas. Toy stores and fast food places the last couple days. Sure enough they weren't mine.

I have never frequented Marley's. I did use the card at Frutimex in Hackettstown last month and last used the card at Bottle King in Mansfield last week.


Never support it? We are going down the Third World route. In the Third World they use the chip and a pin for credit cards. Only Target does this now, kudos to them...


Mommyof3, did you use your card at Walmart or was your card used at Walmart? Big difference, the later just means that's where the fraudsters like to shop...


Back to the Top | View all Forum Topics
This topic has not been commented on in 3 years.
Commenting is no longer available.