A few days before Christmas, I hit a Chicago Target and bought “Pac-Man and the Ghostly Adventures,” a Wii U game for my son. The half-price sale proved too good to resist, but only up to a point. Nothing short of a gun to my head could’ve compelled me to use my credit or debit card at Target — not with all the uncertainty surrounding the recent Target data breach, one of largest thefts of customer credit card data in history.
So I paid $20 of the balance with a Target gift card, and the remaining dollar and change with another Target gift card. Then I resisted the urge to scowl at the Target employee ringing me up, because I had one of those irrational, non-productive questions swirling around my brain: “How could you idiots let this happen?”
Here’s what scares me about the Target data theft, where some 40 million customers had their credit card data stolen between Black Friday and Dec. 15. Close to two weeks after the crime transpired we know nothing about who did it, let alone how they pulled it off or the ultimate cost for consumers.
Here’s what we do know, courtesy of SuperMoney: The retail giant could be liable for up to $3.6 billion, the number that results when you multiply a $90 per-consumer fine times 40 million. Ouch.
And that’s just the beginning. When you add up the pending class action lawsuits in California and other states, and the new measures Target needs to take to usher its credit card security into the 21st Century, you’re looking at digits that make $3.6 billion look like chump change.
But is it fair to pick on Target alone? Could this kind of breach rear its ugly head soon at another big-box store? And in the meantime, what can you do to protect yourself from becoming a victim?
First, realize that yes, it can happen again—and it can happen to you. Better yet, revise that to it will happen again. As TechCrunch reports, Target collects customer information the way so many businesses do—through magnetic strips on the back of cards: “Data encrypted on microchips has been used in Europe and other parts of the world for years but the U.S. lags way behind, making it a haven for black market hackers.”
So whaddya say we wipe that smug, tech-superior grin off our faces, and start securing our credit info? But where do we start?
First: If you were part of the Target hack, know that you’ll be entitled to some privileges. “Target is offering free credit monitoring to customers who were exposed, but details haven’t been announced yet,” says credit expert John Ulzheimer, president of the Ulzheimer Group and a blogger for CreditSesame.com, a credit management website.
Ulzheimer shares with Money Under 30 five tips for smart consumers to follow in the wake of the Target debacle:
1. Move from debit cards to credit cards.
While we’ve preached time and again about the ills of running up high credit card balances, this tip will work for anyone who can pay off a balance in 30 days. Use credit cards where possible because they offer more aggressive fraud protections than debit cards.
“I recognize debit cards help with budgeting but their fraud protections aren’t as strong,” Ulzheimer says. “Plus, even if you get 100 percent of your money back after debit card fraud, it can take more than a week—and that’s money that isn’t in your account to cover other transactions.”
2. Sign up for text or email alerts when you use your card.
This simple step will allow you to see the instant a transaction posts to your account. “Contact your issuers and find out how to activate those alerts, so you’ll know whenever the card is used,” Ulzheimer advises.
3. Get credit monitoring.
“If you’re concerned about your credit information being exposed when shopping, then think about credit monitoring,” Ulzheimer says. “It lets you know if something questionable hits your credit reports, such as a new account or new address.” Fee-based options normally run about $15 per month; you can also monitor your Experian credit report for free through CreditSesame.
4. Use credit freezing.
Also known as a “security freeze,” a credit freeze takes your credit reports out of circulation. “No new credit can be issued in your name because lenders won’t have access to your credit reports or credit scores,” Ulzheimer says. “Freezing is free to victims of identity theft, but there’s a small charge, set by state law, if you want to freeze your reports proactively.”
5. Use cash.
This is similar to the gift card strategy I used when I shopped at Target a few days ago. “If you want to fully avoid fraud issues when shopping, then go old school and depend on cash,” Ulzheimer says. “At least you’re not sharing personal or payment information.”
Even if you take all those measures, other actions can still leave you vulnerable to fraud. The Credit Union National Association reminds you to avoid these six common mistakes that compromise your secure information:
1 . Don’t leave credit and debit cards unsigned.
Yes, many clerks don’t even glance at the signature field and, increasingly, some stores don’t even require you to sign for purchases under a certain dollar amount. But attentive clerks still check signatures (especially for large purchases), and should request to see ID for an unsigned card.
2. Don’t give away your card’s PIN to anyone, especially by telephone or email.
3. Don’t write your PIN anywhere on your card.
4. Don’t give your PIN to a store clerk. Always enter it yourself.
5. Don’t discard paper card statements without shredding them.
6. Don’t let your mail (including new credit cards) pile up in an unsecured mailbox while you’re away.
These combined steps are simple enough to take. As the victim of credit card theft on a few occasions, I can vouch for the amount of time it takes to undo the damage once it occurs. Don’t leave it to credit card companies to do the grunt work for you. Don’t wait for Target and other retailers to clean up their act; that process could take years.
As with all things in your financial garden, take responsibility. Act now. Wouldn’t it be nice to make some New Year’s resolutions that you can actually keep?