BBB Advice for Dealing with a Data Breach
December 19, 2013 – Consumers who recently shopped at Target are understandably concerned that their credit or debit cards may have been compromised by the data breach announced by the retailer this morning. The data breach could impact as many as 40 million shoppers who used credit or debit cards to make purchases at Target stores between November 27th and December 15th of this year.
Hundreds of data breaches occur every year at retailers, health care providers, government agencies, and other organizations, according to the Identity Theft Resource Center, which has been tracking them for the past 8 years. A 2013 Identity Theft Report by Javelin Strategy and Research found that one in four consumers notified that their information may have been compromised in a data breach became the victim of identity theft.
“Consumers who receive notification from Target that their information was part of the data breach should take it seriously but not panic,” said Randy Hutchinson, BBB of the Mid-South president. “Target is working with law enforcement agencies, financial institutions and a leading forensics firm to investigate the breach and notify customers who may be affected.”
You can read the official Target statement on their website at www.target.com.
An increasing number of state and federal laws dictate that companies must be proactive in notifying consumers when their information has been compromised in a data breach. Businesses can check out BBB’s updated online guide Data Security – Made Simpler for free information on how to create a data security plan.
BBB offers the following advice for what to do if you are notified that your information has been compromised in a data breach:
- Take any notifications that your information may have been compromised in a data breach seriously. Most companies will set up a hotline to address concerns and answer questions.
- Sign up for any free credit monitoring that may be offered by the company.
- Contact your financial institution or credit card issuer and get their advice on what to do, which may include closing the account and/or issuing a new card.
- Your bank or credit card issuer may call you if they detect possible fraudulent activity on your account, but they won’t ask for PIN numbers or other confidential information.
- Be vigilant in checking your bank and credit card statements. If you can, check online rather than waiting for a paper statement to come in the mail.
- Beware of scammers. A widely publicized data breach such as this affords crooks the opportunity to contact you pretending to be from Target, your bank, or credit card issuer, phishing for information.
- Never provide financial or other confidential information in response to an unsolicited email. Don’t click on links or download attachments.
- Consider filing a fraud alert with all three credit reporting agencies – Equifax, Experian and TransUnion. You only have to contact one, who will inform the other two. They’ll flag your credit report for 90 days and notify you if someone tries to open a new account using your information.
Even if you aren’t affected by this most recent data breach, you should obtain a copy of your credit report on a yearly basis to insure the information in your report is accurate. Federal law allows you to request one free copy from each of the three reporting agencies each year. Free reports can be obtained at www.annualcreditreport.com or by calling 877-322-8228.