Tips for consumers worried about the Target breach

Jan 10, 2014, 11:31 PM

NEW YORK (AP) – Target said Friday that its massive pre-Christmas security breach affected potentially millions more people than it previously thought.

Target Corp. disclosed last month that about 40 million credit and debit cards may have been affected by the breach that occurred between Nov. 27 and Dec. 15. But according to new information released Friday, those criminals also stole personal information _ including names, phone numbers as well as email and mailing addresses _ from as many as 70 million customers who could have shopped at stores outside of that timeframe.

Some overlap exists between the two data sets.

Here’s what you need to know if you think you’re a potential victim:

___

Q: How did this happen?

A: Target has said that the breach was caused by malware that affected its U.S. stores.

Ken Stasiak, founder and CEO of SecureState, a Cleveland-based information security firm that investigates data breaches like this one, says it’s likely that the perpetrators infiltrated Target’s main information hub with malware and from there were able to access the store point-of-sale systems. Once the malware was in the POS systems, it could collect credit and debit card numbers as the cards were swiped.

Stasiak notes that retailers routinely collect personal information such as addresses, emails and phone numbers through things such as rewards cards when sales are made, so that information is also contained on POS systems just like credit card numbers.

Q: If my card number gets stolen, what exactly am I on the hook for?

A: In most cases consumers aren’t responsible for fraudulent credit card charges.

Credit card companies are often able to flag the charges before they go through and shut down your card. If that doesn’t happen, the card issuer will generally strip charges you claim are fraudulent off your card immediately. Usually the worst thing consumers have to deal with is the hassle of getting a new credit card.

But since debit cards don’t come with all of the same protections, holders of those kinds of cards may have a harder time getting their money back.

And the banks and credit card companies ultimately won’t be stuck with the bills, either. Since the fraud has been tied to Target, the retailer will be responsible for compensating them.

Q: What are the odds that my identity will be stolen?

A: There’s no way to know. But Stasiak says the revelation that personal information was taken in addition to card numbers makes it much more likely that the thieves weren’t just out to steal credit card numbers for financial gain.

For instance, criminals could use that personal information to send specific phishing emails to Target shoppers that prompt them to click on links that send malware to their own computers and steal even more information.

And identity theft damage could be much harder for victims to repair than credit card fraud. In addition, if the theft is discovered months or even years down the road, it will be much harder to tie to the Target breach, Stasiak says.

Q: What should I do to protect myself?

A: Consumers who think they may be affected should check their credit card statements carefully for potentially fraudulent charges. Experts say in cases like this when a huge amount of information is stolen, the thieves often sell it on the black market to the highest bidder. As a result, it could be a while before someone tries to use the information for nefarious purposes.

If you see suspicious charges, report the activity to your credit card companies and call Target at 866-852-8680. You can report cases of identity theft to law enforcement or the Federal Trade Commission.

Stasiak says that since it could be a long time before identity theft victims even realize they’ve been hit, people should take Target up on its offer of free credit monitoring. Those services, for instance, inform consumers if someone takes out a loan in their name.

He also advises potential victims to change email passwords and to make sure that the same passwords aren’t being used for other accounts like Facebook. And while the company has not said that its website was compromised in the attack, he says shoppers also should change their passwords related to those, since it’s apparent that Target doesn’t yet have a full grasp of the damage.

Consumers can get more information about identity theft on the FTC’s website at
http://www.consumer.gov/idtheft, or by calling the FTC, at 877- IDTHEFT (438-4338).

___

Bree Fowler can be reached at
http://twitter.com/APBreeFowler

(Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)

Technology

Tennessee Gov. Bill Lee answers a question while taking part in a panel discussion during a Republi...
Associated Press

Tennessee roads plan mulls toll lanes, electric car fee hike

NASHVILLE, Tenn. (AP) — Tennessee Gov. Bill Lee is considering allowing express toll lanes on highways and tripling a fee for electric car owners as he targets his first big push after winning reelection — paying for tens of billions of dollars in roadway projects. The Republican is adamant about what he won’t do: Raise […]
1 day ago
Associated Press

GOP’s Joe Kent contests results of Washington state race

VANCOUVER, Wash. (AP) — Republican Joe Kent’s campaign said Friday it intends to request a machine ballot recount of the counties within southwest Washington state’s 3rd Congressional District. “We believe the election workers did their best to ensure a fair election and count the ballots accurately,” his campaign said in a statement. “But given the […]
2 days ago
FILE - A General Motors logo is displayed outside the General Motors Detroit-Hamtramck Assembly pla...
Associated Press

GM venture to invest additional $275M at Tennessee plant

NASHVILLE, Tenn. (AP) — A joint venture between General Motors and South Korean battery company LG Energy Solution announced Friday that it will invest an additional $275 million to expand a Tennessee battery cell factory for electric vehicles. Officials with the companies had already pledged to spend $2.3 billion to build a battery plant in […]
2 days ago
FILE - A Dixie Valley toad sits atop grass in Dixie Valley, Nev., on April 6, 2009. The tiny Nevada...
Associated Press

Nevada toad in geothermal power fight gets endangered status

RENO, Nev. (AP) — A tiny Nevada toad at the center of a legal battle over a geothermal power project has officially been declared an endangered species, after U.S. wildlife officials temporarily listed it on a rarely used emergency basis last spring. “This ruling makes final the listing of the Dixie Valley toad, ” the […]
2 days ago
Associated Press

Marvell, Veeva fall; Smartsheet, PagerDuty rise

NEW YORK (AP) — Stocks that traded heavily or had substantial price changes Friday: Marvell Technology Inc., down 68 cents to $44.72. The chipmaker gave investors a weak financial forecast. UiPath Inc., up $1.61 to $14.53. The enterprise automation software developer reported strong third-quarter earnings and revenue. Veeva Systems Inc., down $16.52 to $174.90. The […]
2 days ago
FBI Director Christopher Wray speaks at the Gerald R. Ford School of Public Policy at the Universit...
Associated Press

FBI director raises national security concerns about TikTok

WASHINGTON (AP) — FBI Director Chris Wray is raising national security concerns about TikTok, warning Friday that control of the popular video sharing app is in the hands of a Chinese government “that doesn’t share our values.” Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, […]
2 days ago

Sponsored Articles

...
Quantum Fiber

How high-speed fiber internet edges out cable for everyday use

In a world where technology drives so much of our daily lives, a lack of high-speed internet can be a major issue.
(Photo via MLB's Arizona Fall League / Twitter)...
Arizona Fall League

Top prospects to watch at this year’s Arizona Fall League

One of the most exciting elements of the MLB offseason is the Arizona Fall League, which began its 30th season Monday.
...
SCHWARTZ LASER EYE CENTER

Key dates for Arizona sports fans to look forward to this fall

Fall brings new beginnings in different ways for Arizona’s professional sports teams like the Cardinals and Coyotes.
Tips for consumers worried about the Target breach