Alamy Target (TGT) confirmed Thursday a data breach that affected about 40 million credit and debit card accounts. According to the company’s website, data was obtained — customer names and their card numbers, expiration dates and three-digit security codes (CVVs).
Hackers struck at the height of the high-traffic holiday shopping season: Cards used for Target transactions between Nov. 27 and Dec. 15 may have been compromised, so any consumers who used such payment methods at U.S. Target stores in that time frame should immediately check their bank accounts for unauthorized activity.
Adam Levin, chairman and co-founder of Credit.com and Identity Theft 911, advised customers to call their credit card issuers or banks if they see any charges they didn’t make.
“The Target situation illustrates the growing problem with identity theft, which is how ordinary folks are often the real targets of hackers who go after these big companies,” Levin said. “No matter how safe any individual person is with their data, customer databases like Target’s represent a nearly irresistible source of people’s personal information — and their hard-earned money — to hackers, rather than going after individuals one by one.”
What to Do Right Now
You should strongly consider replacing the cards you used at Target stores after Black Friday, considering the high volume of stolen information, Levin said. If you do that, make sure you update any automatic payments tied to those cards, so you don’t miss important bill payments elsewhere. At the time this article was posted, Target’s REDCARD online and telephone account management systems were inaccessible, in the event a cardholder wanted to check on his or her store card activity.
Consumer credit cards do offer protection against fraudulent transactions, but check your terms to be sure what exactly those protections are. Typically, cardholders will be responsible for no more than $50 of the fraudulent charges (some cards offer zero liability), but you must report the fraudulent charges to the issuer. So the sooner you find any, the more quickly you can resolve the issue.
Protections for debit cards vary, and you definitely should check with your issuer on the terms. Fraudulent charges on a debit card are particularly problematic because they directly impact your available cash and could jeopardize your ability to make necessary payments from those bank accounts. In either case, you must report the fraudulent charges to the bank or issuer in order to start to resolve the problem.
Consumers should already make a habit of regularly reviewing their card transactions through a secure Internet connection, as well as periodically checking their credit reports for unauthorized accounts. It’s also important to check your credit scores for sudden changes — a big score drop could indicate identity theft. The key to this strategy is to compare the same credit scores from month to month, using a free tool like the Credit Report Card, because different scoring models will generate different numbers from the same credit profiles.
Even after taking the initial protective measures in the wake of a data breach, consumers should know the risk doesn’t go away. Once the data is compromised, there’s no knowing where it may end up, so it’s crucial to maintain vigilance over your financial accounts. Identity theft protection can be handy for those who want a little help keeping track of everything, because these services alert consumers whenever their information is used to apply for new credit or new entries surface on their credit reports.
More from Credit.com: