So I’m watching my local news this weekend, cringing as the reporters covering the recent Target Breach struggle through the report (complete with stuttering and obviously trying to read from a prompter) and some of their proposed consumer tips once again made it clear that there continues to be a lot of people who really don’t understand breaches. (Internal soapbox: I’m still really not clear why they were proposing that consumers contact Target if the consumer thinks their card may have been compromised – Target can’t do anything at this point unless it’s their REDCard, and Target has already reported that their customer service lines and website are so flooded with traffic that they are experiencing outages and significant downtimes. Call the Issuing institution if you want to request account monitoring or have a new card issued. I digress…)
Let’s look at what’s happened recently. Forty million debit, credit and proprietary cards were compromised at Target in the last month. Investigations allege that for over 2 years, 600,000 cards were compromised through the Wyndham Worldwide Corp. network in 3 separate breaches. Over 18,000 personal identities, including social security numbers, were compromised when a State of Colorado employee reportedly lost a USB drive that held all this information (uhhh, why are we dragging around identities on unencrypted thumb drives???) And possibly the grinchiest of them all – Big Brothers and Big Sisters of America reports that an employee stole an unknown number of names, DOBs and social security numbers to support a drug habit. All this reported in the past month.
Point is breaches are a reality today. We can’t just look for unfaced external foes, but also have to look internally when developing security programs that should be designed to protect information. And we, the Cardholders, can do a lot to minimize this threat.
Several breaches prove we cannot wait for businesses to alert us. Sometimes even the Card Issuer isn’t aware of potentially impacted cards because the business didn’t report the information timely or because the breach is still under investigation.
So, what do we, the consumers, the card holders, the people whose money criminals are trying to steal, do? Ah, so glad you asked. Here are a few tips:
• Call the Card Issuer – It’s likely in the wake of a significant breach that the affected company will be inundated with calls and requests. We’ve seen it before where they can’t handle the significant increase in customer calls. Call the company that provided your card (in most cases a financial institution) and let them know. They have immediate options for you.
• Monitor your statements – Set aside a couple of minutes to carefully review your statements, credit and debit, the day they come to you. Or better yet, check your accounts online periodically. Look for any purchases you don’t recognize and report them immediately to your Card Issuer. You have a set amount of time by law to make reports of fraud before the problem (and losses) become yours.
• You should review your credit report at least once a year anyway, but if you suspect your card or identity was compromised, also contact a credit reporting agency and request a Fraud Watch / Fraud Alert. You can access your free annual credit report via
AnnualCreditReport.com or by calling (877) 322-8228. Federal law allows you to receive a free copy of your credit report every 12 months from each credit reporting company. You can also set up a fraud alert through the three nationwide credit reporting agencies:
Equifax,
Experian and
TransUnion; each have different levels of options.
• You can also contact the Federal Trade Commission (FTC) or file a police report if you are a victim. Visit
Consumer.gov/idtheft and
FTC Free Credit Reports or call the FTC at (877) IDTHEFT (438-4338) for more information.
Safe shopping!