Jan. 17--When Jake Wood used his debit card while holiday shopping at a local Target store, he also unwittingly opened his bank account to possible fraudulent activity.
On Wednesday -- nearly a month after Target first announced on Dec. 19 that cyber hackers stole personal information from up to 40 million credit and debit card customers during the holiday shopping season -- Wood received a letter from the company's President and CEO Gregg Steinhafel informing him that his "name, mailing address, phone number or email address may have been taken during the intrusion."
In the letter, Steinhafel apologized for any inconvenience the incident might have caused and offered Wood a year of free credit monitoring.
Wood, however, fears the damage might already have been done. Just days after shopping in mid-December at Target in the Augusta Exchange, Wood checked his bank account with SRP Federal Credit Union to find three fraudulent transactions totaling $140 that had been made in Louisiana.
Wood, whose card was immediately canceled, was refunded by SRP for the charges on his account and just got his new card in the mail.
One lesson that Wood said he's learned in the process is to no longer use his debit card to make in-store purchases.
"If you use debit, that's how they can get your pin so I have to start doing only credit now," Wood said. "I'm having to get used to that now."
Experts agree that consumers who routinely pay retailers with a credit card in lieu of a debit card are more protected if their personal information is exposed during a security data breach.
Under the Fair Credit Billing Act, cardholders aren't liable for any unauthorized charges used if a credit card number is stolen. Debit cards also are more dangerous to use in stores because they can give cyber thieves access to all the money in one's checking account, said SRP President Ed Templeton.
"If you have your debit card breached, they can wipe out all the money in your checking account before you even know it," he said. "Then you have the cascade affect."
Templeton said SRP, which spans 15 offices across metro Augusta, had nearly 7,000 accounts involved in Target's security intrusion that happened between Nov. 27 and Dec. 15. As a precaution, the credit union automatically issued new cards to those possibly affected and covered any fraudulent charges for members. There were 20 such cardholders who reported criminal transactions during that time span, but Templeton couldn't say for sure if they were linked to the Target breach.
One of the first steps that consumers, wary of identity theft, should take is canceling their card used in the transaction, if it's not automatically done by their financial institution. Otherwise, they should be prepared to monitor their accounts very closely, Templeton said.
"You have to almost watch it on a daily basis because you never know when or if the breached data is going to be used," he said.
Having to settle any financial issues after the crime occurs, such as bounced checks or late fees, often poses the biggest headache for members rather than the fraudulent charge itself, Templeton said.
In an era where technology rapidly continues to advance, cyber attacks are likely to become more sophisticated and prevalent.
The data theft at Target was worse than initially disclosed. The discount retail company announced Jan. 10 that the breach could affect an additional 70 million customers, whose names, mailing addresses, phone numbers and/or e-mail addresses were compromised by thieves. On the heels of that announcement, luxury retailer Neiman Marcus revealed that hackers had stolen card information of an unknown number of customers.
In 2013 alone, the Identity Theft Resource Center recorded 619 breaches -- up 30 percent from those tracked in 2012 -- in which personal data was stolen from financial institutions, businesses, government and health care organizations. More than 58 million records were exposed, revealing Social Security numbers, credit and debit card information, financial account numbers, medical insurance numbers and other sensitive material to thieves.
Just two weeks ago, Phoebe Putney Hospital officials began informing thousands of patients that information including names, birth dates, addresses, physician names, diagnosis information and dates of service had been taken after a password, unencrypted computer went missing in November. In 2012, a cyber attack also affected some 3.6 million South Carolina taxpayers, exposing thier Social Security numbers and other information.
"Consumers remain largely unaware of this issue but retail/merchant data breaches often heighten awareness," said Eva Velasquez, the president and CEO of the Identity Theft Resource Center.
With the data breaches at Target and Neiman Marcus topping headlines in recent weeks, Velasquez said the call volume at the center has increased dramatically.
"The general sentiment from consumers has been, "I know I'm victim of this data breach -- but what does that actually mean to me?,'" she said.
Velasquez said customers can safeguard their personal information by asking questions before readily providing Social Security numbers and asking company employees how they store and secure personal data.
"However, it's important to realize that consumers can do everything right and still become a victim," she said. "There are some things that are simply out of their control."
Dave Chatterjee, an associate professor of management information systems at the University of Georgia, also offered the following ways that consumers can stay vigilant in keeping their personal information secure:
--Use cash instead of credit.
--Monitor all financial transactions daily.
--Set up a credit monitoring system to protect against ID fraud or theft.
--Be aware of dumpster diving, where thieves go through garbage for discarded financial documents or digital media. Always shred documents before trashing them.
--Be aware of skimming, in which thieves capture credit or debit card information at a point-of-sale terminal.
--At a restaurant or store, be leery of employees taking a card out of sight. It can be run through a hand-held scanner, capturing information and then used to run up charges on an account.
Josh LaForce, co-owner of ITS&S, a local company that focuses on network installation and security for businesses and consumers, said he believes that the recent security breaches are bringing to light the need for regulation, not only for major retailers but also for smaller businesses.
"Congress is already working on a bill to hold companies liable or also enforce certain types of security mechanisms in their local networks," LaForce said. "That's what would make people feel more comfortable."
(c)2014 The Augusta Chronicle (Augusta, Ga.)
Visit The Augusta Chronicle (Augusta, Ga.) at chronicle.augusta.com
Distributed by MCT Information Services
Original headline: Experts give tips on how to stay protected from identity theft
Most Popular Stories
- McDonald's Packages Coffee for National Distribution
- Homebuilder Confidence at Highest Since January
- Parents Opt to Keep Baby Photos off Facebook
- HTC Makes Windows Version of Flagship One Phone
- Rising U.S. Consumer Prices Slowed Down in July
- Sprint Cancels Framily, Rolls Out New Data Pricing Plan
- 'Turtles' Easily Tops 'Expendables 3' at Weekend Box Office
- Home Depot Builds Nice Net Income in Q2
- Mike Brown Death Timeline
- St. Francis Names Rodriguez as New Dean