As if we need another reason to be nervous about our money. Financial gurus have warned consumers for a long time about guarding their financial information diligently, but recent events now make it a necessity.
First there was Target. The company announced on December 19, 2013, that thieves had stolen credit and debit card information from more than 40 million customers. Other reports put the number much higher.
Experts believe that 1 to 3 million card numbers were sold on the black market. Looking at a midpoint (selling 2 million cards at a mid-range price of $26.85/number), experts estimate the thieves made $53.7 million.
How did it happen? The reasons are tech-y, but globally, a lack of proper security measures allowed hackers to gain access through stores’ cash registers. Basically, the company failed to properly close off access to your data.
Then there was Home Depot. The company announced that it was a victim of a breach occurring from April to September 2014. The 56 million affected cards make it an even bigger hacker haul than at Target. The thieves gained access to Home Depot’s records the same way – through cash registers as a result of a lapse in security protocols.
Add to the list eBay, Michael’s, Kmart, Neiman Marcus and more, and you see that information about you is anything but safe. You have to be diligent and deliberate about protecting your data.
Fortunately, some commonsense practices that don’t take much time to implement will go a long way toward minimizing the damage. Whether you’ve been hacked or not, consider the following.
Instead of a Credit Card…
One way to avoid being a victim is to not use your credit card. If you think that sounds crazy, you might be surprised by the options available to you.
Prepaid Card. A prepaid credit card has no connection to your bank account, making it the perfect solution. But before you run out and get one, there are some downsides. First, there is virtually no fraud protection for these cards. If thieves get access to the number, they’ll likely get your entire balance and your chances of getting any of that money back are next to none. Second, the fees on these cards are often high – so high that most financial experts advise against using these cards unless you can’t qualify for a regular bank account. Let’s look at other ways.
Temporary Card. Many of the major card issuers including Bank of America and Discover offer single-use credit cards, also called one-time-use, temporary, “shopsafe” or virtual credit cards. As the name implies, these cards often work only one time. Had you used one at Target when its data was breached, the thieves would have a useless number.
Not all these cards work with all purchase types. Some can be used only online, for example. As always, be an informed consumer and read your card issuer’s rules regarding single-use cards before signing up.
Check. If you have a checking account, you can still write an old-fashioned paper check at most shops – even if it’s sometimes a hassle to get the check approved, especially if it’s not a local shop. Your credit card number will be safe, although there’s always the risk someone will get your bank account and bank-routing number instead. At the moment check fraud is much less common than credit card fraud, and you are not liable for any charges to your account if checks are stolen or altered. One additional protection: Don’t print your address or any other information except your name on your checks.
Cash. Yes, cash is so last century, but using this monetary dinosaur assures you of one thing: You won’t be a victim. Another upside to cash? According to financial guru, Dave Ramsey, you will spend less overall. If you want to stay safe and reign in your budget, head to the bank and get your hands on some cold, hard cash. If you’re really worried, stop at the drugstore after the bank and buy a bottle of hand sanitizer. Cash is, literally, dirty money.
What to Do If You’re Hacked
If you’re reading this saying, “Where were you a couple of months ago? I just found out I was hacked,” here’s your step-by-step guide to dealing with a data breach.
Step 1: Demand a new card. When Target was hacked, JP Morgan Chase limited the use of affected cards and issued new ones before most customers thought to ask.
Some people were annoyed when they tried to pay for a cart full of groceries and their credit card was denied, but the bank did the right thing.
Call your bank and demand a new card. It’s not likely to put up a fight as the bank is responsible for paying false charges. In the event that the bank does, don’t back down on your demand.
Step 2: Change your passwords. If you have done any online business with the affected company – or you have an account with it – change your password right away. Make it more than 8 characters and difficult to figure out. If it’s easy for you to remember, it’s easy for a hacker to crack.
While you’re at it, change and strengthen all of your passwords. You don’t know what the thief is holding so assume the worst.
Step 3: File a police report. Call the non-emergency number of your local police department. Say that you were a victim of identity theft and wish to file a report. This makes your status as a victim official.
Step 4: Freeze your credit reports. You don’t want anybody opening up new lines of credit in your name. Freezing your credit report will prevent further identity theft most of the time. Contact the three credit bureaus here:
Freezing your reports is free if you’re a victim of identity theft. (They might want to see the police report you filed.) You can later unfreeze your reports.
Step 5: Watch all your bank and credit card statements. Like a hawk!Look every day for at least 30 days after the bank replaced your card. Apps like Mint and BillGuard make it easy to watch your accounts. If you see fraudulent activity, call the bank and report it immediately. Often you can dispute charges online, but calling and talking to somebody assures that the issuer has record of your dispute. Be sure you also make a record, with the name of the person you talked to and the date and time when you called.
The Bottom Line
You won’t see a resolution overnight. Have patience with the people you deal with and the process will go more smoothly. If you’re one of millions of victims, things might move slowly, but the steps above will prevent any further damage from this attack.
It’s highly unlikely that you will be on the hook for any of the charges. No need to panic.