www.baltimoresun.com/business/consuming-interests-blog/bal-target-data-breach-faq-20131219,0,7665107.story

baltimoresun.com

Frequently asked questions about the Target data breach

By Tim Swift, The Baltimore Sun  

12:55 PM EST, December 19, 2013

Advertisement

News that data from about 40 million credit and debit cards might have been stolen from Target shoppers this holiday season has many unnerved. We talked to Eva Velasquez, the CEO of Identity Theft Resource Center, about how to determine whether you have been affected and how protect yourself if you have.

I shopped at Target in the past few weeks? What should I do?

First, you need to figure out if you are a victim. You should receive a paper notification from Target. They are sending out the letters, but they must doing it in stages because one of the victims is me, and I haven't received a letter yet but others in my office have. You can also call Target directly. [Target says the breach did not affect online transactions. The company has set up a website and a phone line -- 866-852-8680 -- to answer questions.]

We're encouraging people to contact their financial institution. Remember all your cards - including Target's Red Card, which is connected to your bank account.

In an abundance of caution, you could change the pin on your bank account. The news was just announced this morning so there will be more details to follow. We don't know what exactly has been compromised. If it has been a bigger breach, social security numbers could be involved.

Is canceling my credit or debit card a good idea?

It's a matter of personal choice, if you feel compromised it's certainly an option. But you absolutely need to monitor your accounts on a regular basis. It's always a good idea, but this would be the time to kick it up a notch. I would check online in regular intervals, if not daily.

Is there any way to protect ourselves from these data breaches?

It's really the world we live in now. There have been more than 600 breaches this year. You always want to be cautious about who you give your information to. You don't want to give information to just any website. But when you are dealing with legitimate businesses like Target, there is a always risk. When it comes to data, companies have to be perfect 100 percent of the time, a hacker just has to be right once.

Any parting words for jittery consumers?

Don't panic. If you get a breach notification, it means you have been victim of a data breach but not identity theft. You need to start monitoring. In cases like these, the first step is [the hackers] obtain their information, now they have to monetize that information. As far as we know that has not happened yet. So you need to stay vigilant so that does not happen.

Eva Velasquez is the CEO of Identity Theft Resource Center, a nonprofit group that can help consumers navigate a case of identity theft. You can find more information on identify theft and data breaches at www.idtheftcenter.org or by calling 888-400-5530.