as the shock of the massive data breach at Target over
the holidays has begun to wane, cybersecurity and other
experts are warning consumers to brace for similar
attacks in the coming year.
breach at the mass merchant, which compromised card
accounts and personal contact information for tens of
millions of shoppers nationwide, "kind of takes
your breath away," said Bill Hardekopf, CEO of the
credit card marketplace LowCards.com.
think we are going to see more of this," he said.
"This is what our culture is in for."
times for more strikes will be the next big shopping
cycles that give hackers the potential for the biggest
payoff, such as around Valentineís Day, Motherís
Day, the back-to-school time frame and next Christmas,
said Charles Wood, corporate security specialist and
assistant professor of information systems management at
of people chopping up their cards and filling their
pockets with cash, consumers can take steps to minimize
their exposure to future data heists, experts said.
shoppers should consider the additional risk that comes
with using a debit card versus a credit card.
who get a hold of debit card data gain access to a
personís bank account. And depending on the card
issuerís policy, any money that comes out of the
account may not be refunded right away.
someoneís account gets drained, it may be tough to pay
the bills in the next month," said Jody Farmer,
vice president with the credit card comparison site
CreditCards.com. "The inconvenience is potentially
banks may provide a provisional credit to compromised
debit card accounts within a day or so after a customer
disputes a transaction. But federal law generally allows
up to 10 days for the financial institution to
investigate before making any refunds, said Gerri
Detweiler, personal finance expert with the educational
the meantime, your rent might be due," she said.
general, the more Iím hearing about data breaches, the
more leery I am about using a debit card," she
said. "Iíve seen people have $10,000 taken out of
contrast, if fraudulent charges are rung up on a credit
card, itís the bank thatís out of the money.
the downside of debit cards, many people prefer them
over credit, often as a way to help control spending
because they canít run up big bills the way they can
with credit cards.
people who canít give up their debit cards, Detweiler
recommends setting up two accounts, one for spending
money "and the other to put your paycheck into so
you arenít exposing all of your money to scamsters."
also important to check debit and credit card accounts
frequently online for suspicious transactions and report
them promptly to minimize any damage.
attention to small transactions, not just the big ones,
lot of times thieves put through small amounts first to
see if the account is still active," he said.
notifying a financial institution about suspected fraud,
itís also a good idea to follow up with a written
complaint, Detweiler said.
also recommend that consumers regularly check their
credit reports for errors or unfamiliar accounts to help
detect identity theft, the type of fraud where a thief
may open new credit card accounts, take out loans or
commit other crimes under someone elseís name. For the
victim, sorting out the mess can be a nightmare.
law entitles consumers to free copies of their credit
reports once every 12 months from each of the three main
credit bureaus, available at ,
is a good source of information on ID theft, Murray
STORY CAN END HERE)
the Target data breach revealed Dec. 19, which ranks as
one of the worst ever, hackers stole credit and debit
card numbers, expiration dates and CVV codes, which are
the three- or four-digit numbers on the back or front of
cards used for additional verification.
thieves also captured names, addresses, email addresses
and phone numbers, which could raise the chances of ID
theft. The theft of the personal contact information was
disclosed more recently, on Jan. 10.
banks and other card issuers have contacted customers
who shopped at Target during the Nov. 27 to Dec. 15 time
frame to cancel and replace their existing cards.
Shoppers who havenít been contacted should call their
card issuer and insist on a new card, especially if they
used a debit card, experts said.
I had shopped at Target with my debit card during that
time, I would do that," Farmer said.
the minimum, shoppers should be closely monitoring their
accounts for fraudulent transactions, experts agreed.
STORY CAN END HERE)
who has been on radio shows taking questions from
anxious Target shoppers, said some callers who used a
debit card during the affected period mistakenly
believed that if they had signed for the transaction
instead of entering a personal identification code,
their accounts were more secure.
not true," she said. "It just means the
transaction was processed differently."
Attorney General Kathleen Kane last week warned
consumers to be on alert for "phishing"
attacks linked to the Target breach in which thieves try
to trick people into divulging personal information ó
such as passwords, account numbers and Social Security
numbers ó by sending emails that look like theyíre
coming from Target.
number of scammers have taken advantage of Target
customersí misfortune and have set up websites and are
sending emails with Targetís logos in an attempt to
further victimize consumers," Kane wrote in a news
earlier this month sought to limit any damage and the
assault on its image by offering free credit monitoring
and identity theft protection for one year to all Target
sign up, customers have until April 23 to go to a
special website, ,
and register for an activation code.
itís OK to take advantage of the offer, experts said,
people should make sure they understand all the terms of
the programs so they donít end up paying for coverage
they donít want after the free service period ends.
Washington, D.C.-based Consumer Federation of America
said the offer was not enough.
identity theft service that Target is paying for only
monitors one of the three major credit bureaus, and
while it may alert consumers to new accounts opened in
their names, it wonít notify them about takeovers of
their existing accounts or other types of identity
theft, such as using their personal information to
falsely obtain employment or tax refunds," the CFAís
Susan Grant said.
should also understand that the fraud assistance and
insurance that will be provided are somewhat limited and
that no ID theft protection service can prevent their
information from being sold or used."