For those of you who have been asking us over the years why we don’t have an e-commerce site, today was example #1376. The company we hired, after the first 2 failed to be able to get the site up according to our specs, assured us last week that the link we posted was secure and ready for starting or renewing subscriptions. Today we learned that it was in fact not secure and are horrified that this programmer was so sloppy. This company was listed as a “Gold Star Provider to Quickbooks” which is the software we use to process credit cards and maintain our accounting system. We thought we were hiring the best. We are trying to work with the owner of the company for a resolution. No problems with any data have been reported and we have no reason to think that security has been compromised. But we operate under the “Do unto others” philosophy and want to alert you that this has happened and to double check that nothing odd is showing up on your credit card statement.
First our apologies to you. We take this stuff very seriously. We knew that there were problems for some orders but we only learned this afternoon that the site was not secure yet. They had informed me on Wednesday that it was. We will pursue a resolution and determine if we need to fire these developers as well or if they can rebuild our trust. In the meantime, please call us at (708) 445-1817. Please also keep an eye on your credit card statements to ensure that your information was not compromised.
This kind of thing is a business owners’ worst nightmare. When it comes to e-commerce, we are faced with operating a site that is not linked to our accounting software and spending huge amounts of time re-entering all of your data by hand or opting for a more sophisticated site that allows us to not waste huge amounts of time. We have tried to opt for the latter, even though it is more costly because the double-entry is too time-consuming for the volume of sales we have. Sadly, we’ve found out, yet again, that people don’t always do things as thoroughly or accurately as they promise. We’ll stay on it and will remove the post with the link in it so no one else will have problems. Again, our apologies. Call us if you have any questions. Thanks.
craftnectar.com 
Oh, Weeks, how frustrating. At least you found it before there was any major trouble for us, so thank you. I’m nearly due to resubscribe to MQI, and I have nearly made room in my sewing space for a kit. OK, truthfully, it will be stored under my bed, but don’t tell anyone:)
Weeks, this must be incredibly frustrating for you. I think I speak for many people when I say that we appreciate your honesty and transparency. It enhances OUR trust in YOU, even if you can’t trust the company you paid to develop the website. Thank you for all the hard work you do and for the honesty–it would have been too easy to just “fix it” and not tell anyone unless there was a problem.
Oh thanks Mary. It is so frustrating. We’ve paid these people thousands of dollars and they won’t return phone calls and won’t listen to the problems. All correspondence is done via email and they write in tech gibberish. I’m hoping we can get it sorted out but Bill and I have always held that there will be mistakes but the greatness of a company is in how you handle those mistakes and if you treat people the way you want to be treated. Many thanks for the pep talk. We need it.
I totally agree with Mary P and encourage you to keep at it. Its always a learning experience (unfortunate sometimes). We internationals are waiting desperately for your e-commerce site,and appreciate all your perseverence in order to get this on the road. Thank you both…hang in there!!
Ugh. :-/
One thing they should be doing is running the payments through a 3rd party resource that IS secure, like Authorize.net.
(web dev AND quilter here…)