Advice from Attorney General regarding Target’s credit card account breach

Senator Brownsberger’s office received the following press release from the Attorney General’s office providing advice for consumers who may have been affected by the Target credit card security breach.

FOR IMMEDIATE RELEASE                                                      MEDIA CONTACT:

December 19, 2013                                                                            Jillian Fennimore

(617) 727-2543

IN WAKE OF TARGET DATA BREACH, AG COAKLEY OFFERS ADVICE TO CONSUMERS, LAUNCHES REVIEW OF CIRCUMSTANCES THAT LED TO BREACH

BOSTON – Following reports of a data breach at retail giant Target that potentially compromised the credit and debit card data of millions of consumers nationwide, Attorney General Martha Coakley offers consumers information on how to protect their information against identity theft.

 

The AG’s Office has also contacted Target to review the circumstances of the breach and the steps the company is taking to address it. The AG’s office will work with Attorneys General across the country to determine whether Target had proper safeguards in place to protect consumer information.

 

According to Target, credit and debit card information for approximately 40 million consumers may have been compromised between Nov. 27 and Dec. 15. Target has determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code). Target has determined that the breach involves credit card and debit card information for purchases at its retail stores only; online purchases were not affected. 

“This significant data breach has put the personal information of Massachusetts consumers at risk,” AG Coakley said. “We have contacted Target to review the circumstances and will be working with Attorneys General across the country to determine whether the company had proper safeguards in place to protect consumer information. In the meantime, we urge people to take immediate steps to determine whether you have been a victim of ID theft and to protect your information moving forward.”

 

For people who shopped at Target’s retail stores between Nov. 27 and Dec. 15, the AG’s Office offers consumers the following information on how to protect against potential identity theft:

1.Immediately review and monitor your credit and debit card information.  The breach appears to have been isolated to credit or debit card purchases at Target’s retail stores.  If you shopped at a Target Store using your credit or debit card between Nov. 27 and Dec.15, carefully review and monitor your credit card or other financial accounts for the next 12 to 24 months for any unauthorized activity and monitor your credit reports.  If you notice any irregular activity or charges, report them to the issuer of your credit card immediately.

2. Order a copy of your credit report, and look for unauthorized activity. Look carefully for unexplained activity on your credit report. You are entitled to one free credit report per year.

3. Call one of the three major credit bureaus and place a one-call fraud alert on your credit report:

·         Equifax: Call (800) 525-6285, and write: P.O. Box 740241, Atlanta, GA 30374-0241.

·         Experian: Call (888) 397-3742, and write: P.O. Box 9532, Allen, TX 75013.

·         TransUnion: Call (800) 680-7289, and write: Fraud Victim Assistance Division, P.O. Box 6790 Fullerton, CA 92834-6790.

You only need to call one of the three credit bureaus; the one you contact is required by law to contact the other two credit bureaus. This one-call fraud alert will remain in your credit file for at least 90 days. The fraud alert requires creditors to contact you before opening any new accounts or increasing credit limits on your existing accounts. When you place a fraud alert on your credit report, all three credit bureaus are required to send you a credit report free of charge.

4. If there is unexplained activity on your credit report, you may want to place an extended fraud alert on your credit report. If after reviewing your credit report you believe there is unexplained activity, you may want to place an extended fraud alert on your credit report. In order to do this, you need to file a police report with your local police department, keep a copy for yourself, and provide a copy to one of the three major credit bureaus. Then an extended fraud alert can be placed on your credit file for a 7-year period. This will mean that any time a user of your credit report (for instance, a credit card company or lender) checks your credit report, it will be notified that you do not authorize any new credit cards, any increase in credit limits, the issuance of a new card on an existing account, or other increases in credit, unless the user takes extra precautions to ensure that it is giving the additional credit to you (and not to an identity thief).

5. Contact the fraud departments of your credit card issuers or bank. You may want to contact the fraud department of the credit card company or bank that you used when you made purchases at the Target stores. These financial institutions can monitor your account for suspicious activity. You may also wish to request a new account number; you can discuss this option with your credit card company or bank.

6. If you are a victim of fraud or identity theft.  There are many steps you will need to take to protect your identity.  Please see Attorney General Martha Coakley’s Guide on Identity Theft for Victims and Consumers, at http://www.mass.gov/ago/docs/consumer/id-theft-guide.pdffor important steps you should take to protect yourself.

Additionally, Target has established a toll free customer help line. Callers from the United States may reach the help line at 866-852-8680. Target has also posted information on its web site.

In the wake of another major data breach in January 2007 at TJX Companies, Inc, the AG’s Office led a coalition of Attorneys General that conducted an extensive investigation into TJX’s data security policies and procedures in place when the breach occurred. In July 2009, TJX agreed to pay a total of $9.75 million and implement a comprehensive information security program, designed to safeguard consumer data. Massachusetts received more than $950,000 to aid efforts to protect consumers’ personally-identifiable information.

If you believe that you have been the victim of identity theft, you will need to take additional steps to protect your credit and your good name. For additional information, consumers may contact the Attorney General’s consumer hotline at (617) 727-8400, or view the Federal Trade Commission’s identity theft resource, available at www.consumer.gov/idtheft/.

###############

Published by Anne Johnson Landry

Anne works as Committee Counsel and Policy Advisor to Senator Brownsberger.