Update: Impacted Bilt cardholders are reporting receiving an e-mail with the subject line ‘Recent fraudulent activity’ stating the following:
We are aware of recent fraudulent activity that may have impacted your Bilt Mastercard.
What happened:Â
This incident occurred as a result of an external fraud attempt to guess account numbers and other card related data (for example, expiration date) to commit fraud. In short, the fraudsters tried random combinations of account information to see which ones work. The large majority of these are blocked through monitored controls, but in this case, attempts from trusted merchants impacted a subset of Bilt customers. Remember, as a Bilt Mastercard cardholder, you won’t be held responsible for promptly reported unauthorized transactions.1
What we are doing:Â
We continue to implement new security measures to help protect our cardholders and we remain committed to providing you with safe and secure products and services. Please closely monitor your credit card statements and if you have been impacted, contact us immediately at 833-404-2272.
As a thank you for your patience, we are issuing 1,000 Bilt Points to your Bilt Rewards account. It will appear in the next 30 days.
Original post: Recently there has been many reports of unauthorized charges (1, 2, 3) on Bilt credit cards. The issue seems to only be affecting cards that are issued by Wells Fargo and not the cards issued by Evolve. A representative from Wells Fargo provided the following statement:
We recently discovered fraudulent activity that has impacted some of our Bilt Mastercard cardholders. We take these matters very seriously and are working closely with our partners at Bilt and Mastercard to resolve this issue.
A statement provided by Bilt on reddit states that this has been caused by a BIN attack:
Hey all – quick update from Bilt. We have been made aware of a global fraud ring that has been launching what are called BIN attacks. In short, they use compromised merchants to randomly test millions of potential card numbers to see which ones work, focusing in on one card range at a time. While many of these card attempts get blocked (often invisibly to the customer), occasionally charges make it through. This has been happening across banks and we are aware that a few of Wells Fargo Bilt cardholders have experienced fraudulent charges as part of that. Please note that you will never be liable for any fraud. Wells Fargo is reaching out to any impacted customers. And you can also contact Wells Fargo’s fraud team directly at 1-800-723-5533. They will remove any fraud charges and overnight you a new card. We put our customers’ security first and will make sure that this is resolved for you quickly. Thank you again for your patience!
Update: We have been informed that the better number to call is 1-833-404-2272.
If the above is accurate and the unauthorized charges are a result of a BIN attack then personal information such as SSN, address etc should still be secure.
