I just got off the phone with ProPay and they have been receiving a lot of complaints in regards to this issue. While they acknowledged that ProPay is a common denominator in these fraudulent charges, they are not responsible for the data breach. Pretty big coincidence if you ask me. Meanwhile, online complaints are increasing.

Also, I have learned that these fraudulent charges are not only being pushed through by a company called PHE Subscription, but could be a random variation of that (presumably fictitious) name (ie XYZ Subscription) or an entirely different company name altogether.

So if you have, or ever had, a ProPay account you need to check any active bank account you may have had listed with them. Even if you closed your ProPay account years ago. One victim closed their ProPay account 5 years ago and still got hit with a fraudulent charge.

[edited by: Key_Master at 6:16 pm (utc) on Dec. 29, 2008]

Key Master, I am a member of ProPay’s communications team, and can shed some light on this issue. ProPay has recently become aware of what appears to be a large international fraud scheme involving unauthorized electronic checks. To be clear, after internal and external analysis and investigation, ProPay is extremely confident that the stolen bank information came from other sources and not from ProPay. ProPay has an ongoing effort to monitor its systems and continues to be confident in its system security.

The company will be issuing a complete statement on this ACH Fraud Scheme tomorrow morning (January 2). I would invite you to check it out for full information on how to protect yourself and what to do if you’ve been affected.

Thanks for helping keep people educated on the need to regularly monitor all of their accounts.

[edited by: phranque at 11:41 am (utc) on Jan. 2, 2009]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]

Thanks Cheryl for that reply. I look forward to ProPay's statement on this matter.

I have had a ProPay account for years and have recommended them to others in the past. As a satisfied customer, I'd like to believe there is no connection between this fraud activity and ProPay. However, it's hard to ignore the ProPay factor in these fraud complaints.

Perhaps ProPay's servers are adequately secured from outside technical interference and the account data was leaked through other means. For example, improperly disposed of documents or a past or current employee or vendor with access to sensitive data. I'm just thinking out loud with scenarios your company may not have investigated.

I hope it turns out you're right and the connection is purely coincidental. I'd like very much to be able to use my ProPay account again.

Many more phone numbers starting with 1-866 on this website are being posted because of ACH check fraud, and the one thing everyone has in common is ProPay.

People who sold [widgets] and used ProPay to process credit cards in the past have found their checking accounts associated with their ProPay accounts have been debited fraudulently by companies with names that start with "XYZ Subscriptions", with 2 or 3 random letters in front of the word "Subscriptions.

People who set up a special account only for use with ProPay have found this to be the case.

I am looking forward to ProPay's response on this matter as I cannot find anything on their website about it yet.

[edited by: phranque at 2:30 am (utc) on Jan. 3, 2009]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]

Abbey, ProPay is planning to post a full statement today in about an hour (noon MST). I have a copy of that statement, and [snip] I'd be happy to send a copy of it to you directly.

I know that ProPay is working aggressively with law enforcement to find the actual source of this crime.

[edited by: phranque at 2:34 am (utc) on Jan. 3, 2009]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]

The only people that seem to have this happening to them are former/current Propay account holders.

This fraud started at least a year ago, and some people have not used ProPay accounts in so long, they have completely forgotten they even had them. And people are confusing ProPay with PayPal.

But, if you sold [widgets] or anything like that, you might have had a Propay account that was never closed. Even if it had been closed, your information evidently still could have been stolen in this fraud according to victims.

So I am waiting for someone to please prove otherwise that this is not isolated to Propay. Please post a link indicating other account holders affected.

[edited by: phranque at 2:31 am (utc) on Jan. 3, 2009]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]

Abbey, if you go through the [complaint forums and] blogs, you will see that there are users of a number of payment services and banks being affected. I don't want to list their names as I'm sure they'd feel just as unhappy as ProPay must feel to have their names publically implicated as guilty until otherwise proven...

Of the millions of people affected in this ACH fraud ProPay has handled accounts for only a minute portion. These links should give you an inkling of the other services and banks affected and how widespread this problem has really become. Law enforcement is working this case aggressively and I'd be happy to post further updates here as we have them.

It's clear every bank account holder should be vigilent and I would be extremely careful about infering or concluding that any of these providers could be the a common thread at this point.

[edited by: phranque at 2:28 am (utc) on Jan. 3, 2009]
[edit reason] No urls, please. See TOS [webmasterworld.com] [/edit]