Target’s announcement of a credit card breach right before the holidays made the company the butt of late night talk show jokes and the master of the world’s worst timing. Affecting 40 million credit and debit cards (and involving the theft of myriads of PIN numbers), the breach has altered the shopping habits of Americans and has the potential, to cost Target an estimated $680 million in litigation fees, customer notifications, replacement cards, and the sorting of legitimate charges from fraudulent charges. Of course, the amount it could cost them in lost business may be almost immeasurable.
How it Happened
While no one but the actual hackers know for sure what occurred, a number of theories are being bandied about. According to Forbes, the breach occurred between Black Friday 2013 and December 15, 2013 and involved the thievery of customer names, credit and debit card numbers, card expiration dates, and CVV codes.
Target, law enforcement, and even the Secret Service have all begun investigating the crime and surmise that the hackers were successful either by installing malware into a company machine or by persuading an unsuspecting employee to click on a link that downloaded malware, ultimately giving the hackers control of Target’s systems.
The Fallout Begins
The fallout from the Target breach has been drastic: aisles normally packed during pre-holiday shopping were essentially bare.
In New Mexico alone, banks began cancelling debit and credit cards and issuing new ones. Some banks even set up special phone numbers where members could call for immediate cancellation.
Target itself began offering ten percent off everything in their store in an attempt to lure customers back.
The Real Problem
While Target is under the microscope for this breach, the real problem isn’t actually Target: it’s the ubiquity of breaches in the first place. According to USA Today, credit and debit card fraud has almost quadrupled in the last ten years; in 2012, losses amassed to $11.3 billion worldwide. The US is often among the hardest nations hit, likely due to relaxed credit card security and the prevalence of such cards.
Part of the fraud could be remedied by replacing the magnetic strips on cards with digital chips (as is done in Europe), by requiring card users to enter PIN numbers for all transactions, and by setting federal standards to protect data.
Steps for Those Affected
For people who fear they may have been affected by the breach, it’s important to avoid panicking: Federal laws protect victims of breach from being liable for the fraudulent charges incurred. However, they must take steps to see whether or not a card number was actually stolen.
To do this, credit card statements and bank accounts should be checked daily for any odd or unusual purchases or withdrawals. If problems are discovered, the credit card company or bank should be notified immediately. They will issue a new credit card, a new debit card, and likely ask checking account holders to open a new account.
Victims should also request a new, expedited card from their credit card company or bank and inquire about credit monitoring services.
This article was written together with Richard Craft, an MBA student who looks forward to helping you with your finances. He writes this on behalf of CyberSecurityU, your number one choice when looking to get started with your career in cyber security. Check out their website at CyberSecurityU.com for more information about how they can help you as well as informational articles about cyber security.