We recently changed to a different credit card processing company.
We did this to improve the quality of service that we provide to our customers. Unfortunately, this switch-over had an unexpected side-effect that has caused concern for many of our users.
We only work with highly reputable, secure, fully PCI-compliant companies when it comes to your sensitive payment information.
We never store credit card numbers on any of our servers. We send your credit card information to the payment processing provider using 128-bit SSL encryption. After that, we wipe the credit card number completely from memory on our systems, and from then on we depend on the payment processing provider whenever charging or editing your card details. The companies that we work with for this purpose are Paypal and Stripe.
During the data transfer between providers, some of the data became unorganized and subsequently needed to consolidated.
With the recent change, we moved the secure data from one provider to the other. Because of the high level of security these companies employ, the data needed to be transferred directly between those two companies’ systems. This is something the providers handled themselves, according to PCI standards. The data was transferred in such a way that the new provider had the correct data, but it was scattered among many duplicate customer accounts.
In order to have clean and precise transaction history and account details, we wanted to consolidate all of the duplicate accounts and the related cards into a more organized, less redundant, structure. We had to make several passes over the data and move things around incrementally until we had the cleanest setup possible.
The consolidation had an unexpected side-effect.
We did not realize that every time we touched your account data (while never touching the credit card numbers themselves), the new payment processing provider was running some sort of authorization on your card which amounted to a $0 charge. Some customers might not have even noticed this. Others have had more serious problems, including having their cards blocked by their banks due to suspicious activity.
The good news here is that our security protocols have continued to keep all of your private data safe and secure.
Even though it caused some panic for our users, there is no permanent damage.
We are dedicated to being transparent and open when we make a mistake or do something that causes anything less than a great experience with Plazko.com. This particular issue can be really scary for our customers.
We do not expect this issue to further affect customers, as the transfer has been completed.
If you have any questions or would like to know anything else about the details of this issue, please do not hesitate to contact us at firstname.lastname@example.org.