Background
A few days ago I received this email from Target. As you can see, they informed me that they had a breach of security and information about my account may or may not have been stolen to be sold in the black market.
It is, to me, a standard “account breached” letter. I actually sent one on behalf of the credit union where I worked years ago when TJMaxx had the same breach of security and customers’ information and credit card and debit card numbers were stolen. It was not the credit union’s fault, but the problem was large enough that we deemed it morally right to inform our members directly, so that they could keep a check on their accounts, just in case. A good neighbor gesture, if you will.
When I saw this letter, I quickly scanned it and decided it was Ok to delete in my case. It has been eons since I bought anything from Target, since I no longer live in the United States. Any card information that these crooks may have on my account would be severely outdated. Therefore, I put it out of my mind.
The plot thickened
However, the credit union sent a warning message to members as well, a few days ago, bringing up this Target subject again, so I decided to check online for news on this matter. It was troubling news.
It’s a little more than your standard theft of customer account and names. The reality is that crooks hacked Target’s system using malware and proceeded to steal bank card numbers as the cards were being scanned in stores all over the United States. The PIN numbers were also stolen, BUT they are encrypted with a triple code encryption system that is, theoretically, impossible to crack. This theft affects up to 110 million Target customers and reportedly around 1 million Neiman Marcus clients as well.
So, theoretically, if you shopped at Target or Neiman Marcus in the last 90 days, your debit card is safe. Theoretically.
Note that I said debit card. Why not credit cards, too?
Because credit card payments do not require a PIN number. That’s why. It makes them much juicier to steal.
So, if you read this and wonder: well, should I worry. The answer, my friend, is a definite yes.
What troubles me should trouble you
When data banks of this sort are breached, the thieves do not steal the data to use it, but to sell it. It becomes merchandise, which is sold in small blocks of a few hundred to a few thousand accounts at a time, to various buyers which are up to no good. These sales somehow seem to take place very often in, from, or ending in Russia or former Soviet nations.
Those buyers in turn sell the numbers in the street or even to fake ID makers. What could be nicer, if you were a crook, than to buy yourself a tidy new temporary identity with an actual, honest to goodness credit card attached to it?
There is some relief
Card issuers –I mean credit and debit card issuers- in recent years have installed defense mechanisms that help protect you, the cardholder, from having your account stolen and used in this fashion. Have you ever been travelling abroad and shopping when sudden and inexplicably your OAS Staff FCU credit or debit card do not work and you are told by a very snotty looking clerk that the card won't accept the charge and to pay them some other way?
That embarrassing moment comes to you courtesy of FALCON. Falcon is the fraud prevention-software for your debit and credit card. They analyze you purchase habits over time, and if you step out of line, they call the account to a halt to make sure that your money is safe. It is nice, but embarrassing. I've been there. That is why I got used to emailing my credit union’s card representative before I did something unusual with my cards, in order to avoid any more of those awkward moments; they can enter the information of what I am about to do, or where I am about to travel, into the card system so they are aware that there will be “exceptions” to my normal shopping habits, and allow them. Nowadays I can send those emails via the online banking system –through the Contact Us tab-. Yes, it is an extra step, but I like my money where it belongs more than I dislike having to write onerous emails. I have come to view it as travel insurance.
What to do, what to do
So, where does this leave you? If you have shopped at Target in the past 90 days, consider making the extra effort, it may save you the headache and heartache. If you have a debit card, use your online banking system to keep an eye on your account more often than usual. If there are any unauthorized debits, you only have 60 days after the mailing of the statements that contain those debits to file a claim for refund of your money. If your account is compromised, cancel your debit card immediately.
If you have a credit card instead, be a little more worried. While Falcon is a very nifty system, very capable of catching exceptions, you never know where a card in your name is going to be used. It may be random enough to slide by. Avoid that, contact your credit card issuer and have them place an alert on your card, if you want to be extra careful. Also, most credit card issuers offer access to your card online, so that you may view charges any time; do yourself a favor, and keep an eye on those, if possible.
If you detect unauthorized charges on your credit card, contact the issuer immediately to cancel the account, inform them of which charges were not made by you, and start the process to refund you the money and get you a new credit card number. Credit cards do have a liability charge of $50, it is an unavoidable fee, and it is standard. You will just have to bite that bullet.
It is not my intent to scare anyone. These are just standard good practices any time that you understand that your accounts, of any kind, may have been compromised. Regardless of this, it is good common sense to check your accounts at least once a month. While you may not avoid becoming the bull’s eye on a crook’s target sometimes, you can still stop them from running away with all the booty.
No comments :
Post a Comment