One of the best parts of my job is helping address readers’ financial concerns. The data breach at Target had a lot of people really worried.
During my last online discussion of the year, a number of people were concerned that information on about 40 million credit and debit card accounts was accessed between Nov. 27 and Dec. 15. This included customer names, credit or debit card numbers, expiration dates, and security codes. Here are some of the readers’ questions:
Q. How can the information about one credit card lead to identity theft?
A. The Federal Trade Commission says identity theft is the number one complaint it gets from consumers every year.
There are many forms of identity theft. If identity thieves have your personal information, they can access your bank account, buy a car, open utility or mobile phone accounts, get medical care using your insurance, or commit a crime. Identity thieves can use stolen debit or credit card information to create counterfeit cards or make online purchases. Brian Krebs, who runs the KrebsOnSecurity website, has found accounts from Target customers have already been selling on the black market for $20 to more than $100 per card. In a blog post, Krebs, a former Washington Post reporter, details how the cards were being sold.
More than 12 million people were victims of identity fraud in the United States in 2012 and criminals stole nearly $21 billion, according to Javelin Strategy and Research, which tracks identity fraud trends. Here’s something to consider. Javelin found that consumers who had their Social Security numbers compromised in a data breach were five times more likely to be fraud victims.
We become more aware of identity theft when big breaches are disclosed. But many people make it easy for identity thieves. When I do seminars on identity theft, I ask: “What’s in your wallet?” It never ceases to amaze me how much information people carry around. One time a mother pulled out her children’s birth certificates, Social Security cards, and passports. She had registered the kids at a new school a few months earlier and had forgotten to put the information away at home. Many had Social Security cards in their wallets. Others had old mortgage bills. Information about your lenders can be used in security checks to verify your identity.
Q. It is time for the credit card companies to come up with something new to protect their customers. Short of millions of customers canceling their credit cards, what can we do to protect ourselves? Just because crooks have the information doesn’t mean they will use it right away. It could be months before they use anyone’s information, so checking now for activity could miss it.
A. In its most recent identity theft report, Javelin said 1 in 4 people notified of a breach ended up becoming a fraud victim. So if you shopped at Target during the period its system was compromised, you need to take steps to protect yourself. If you see any unauthorized activity, contact your credit card company or your financial institution. In addition, contact the FTC at 877-438-4338. You can find information about other steps you can take at www.consumer.gov/idtheft.
Most importantly, you will need to monitor your credit reports from all three major credit bureaus — Equifax, Experian, and TransUnion. You should be checking your reports as a routine precaution. You can get free copies of your credit reports from www.annualcreditreport.com or by calling 877-322-8228. You are entitled to one free report from each bureau every 12 months. Additionally, identity theft victims are entitled to a free credit report from each of the credit bureaus. If you do become a victim or are worried about your information being stolen, you can place extended fraud alerts or credit freezes on your credit files. To find out more how each works, go to www.ftc.gov and click on the link for “Tips & Advice.”