If you used a credit or debit card at a Target department store between November 27th and December 15th, your card data may have been stolen by hackers who accessed the store’s point of sale system, aka checkout. The Target data breach is one of the largest ever, compromising the credit card data of 40 million customers. The company is urging customers not to panic and wants you to know that the exposure to the hackers is not as great as many people think.
Well, yes. Target is correct about what the hackers can’t do with the data. However, as a Target customer who is a potential victim of this breach myself, I am more concerned about what the bad guys CAN do with the data. They can make duplicates of my cards that can be used to make purchases at retail stores.
Fortunately, they do not have my pin number required for ATM withdrawals and for debit card transactions. They do not have the unencoded version of the 3 or 4 digit CV code needed to use the card in most online transactions. Target is asserting that the data breach is limited to the card data, which means the hackers won’t be able to commit non-card related identity threat fraud, such as fraudulent loan and credit applications.
I also know from personal experience that my bank is vigilant. When I made a purchase from a Canadian web site last year I received a potential fraud warning and a follow-up phone call from fraud prevention. I had the same response from them once when I made some cash withdrawals that they thought looked suspicious.
I have no problem with this. I’m glad they are on top of it.
However, if cancelling the cards you have used at their store is “panicking” then I for one have panicked. And why not? I walked into branches of my banks and in a few minutes got my cards replaced. There is a huge market for fake credit cards, conducted on web sites in a private portion of the internet referred to as the Darknet. Why wait until you’re a victim of the Target data breach to take action?