Advice from Attorney General regarding Target’s credit card security breach

Senator Brownsberger’s office received the following press release from the Attorney General’s office, offering advice for consumers who may have been affected by the Target credit card security breach.

______________________________________________________________

IN WAKE OF TARGET DATA BREACH, AG COAKLEY OFFERS ADVICE TO CONSUMERS, LAUNCHES REVIEW OF CIRCUMSTANCES THAT LED TO BREACH

BOSTON – Following reports of a data breach at retail giant Target that potentially compromised the credit and debit card data of millions of consumers nationwide, Attorney General Martha Coakley offers consumers information on how to protect their information against identity theft.

The AG’s Office has also contacted Target to review the circumstances of the breach and the steps the company is taking to address it. The AG’s office will work with Attorneys General across the country to determine whether Target had proper safeguards in place to protect consumer information.

According to Target, credit and debit card information for approximately 40 million consumers may have been compromised between Nov. 27 and Dec. 15. Target has determined that the information involved in this incident included customer name, credit or debit card number, and the card’s expiration date and CVV (the three-digit security code). Target has determined that the breach involves credit card and debit card information for purchases at its retail stores only; online purchases were not affected.

“This significant data breach has put the personal information of Massachusetts consumers at risk,” AG Coakley said. “We have contacted Target to review the circumstances and will be working with Attorneys General across the country to determine whether the company had proper safeguards in place to protect consumer information. In the meantime, we urge people to take immediate steps to determine whether you have been a victim of ID theft and to protect your information moving forward.”

For people who shopped at Target’s retail stores between Nov. 27 and Dec. 15, the AG’s Office offers consumers the following information on how to protect against potential identity theft:

1.Immediately review and monitor your credit and debit card information. The breach appears to have been isolated to credit or debit card purchases at Target’s retail stores. If you shopped at a Target Store using your credit or debit card between Nov. 27 and Dec.15, carefully review and monitor your credit card or other financial accounts for the next 12 to 24 months for any unauthorized activity and monitor your credit reports. If you notice any irregular activity or charges, report them to the issuer of your credit card immediately.

2. Order a copy of your credit report, and look for unauthorized activity. Look carefully for unexplained activity on your credit report. You are entitled to one free credit report per year.

3. Call one of the three major credit bureaus and place a one-call fraud alert on your credit report:

· Equifax: Call (800) 525-6285, and write: P.O. Box 740241, Atlanta, GA 30374-0241.

· Experian: Call (888) 397-3742, and write: P.O. Box 9532, Allen, TX 75013.

· TransUnion: Call (800) 680-7289, and write: Fraud Victim Assistance Division, P.O. Box 6790 Fullerton, CA 92834-6790.

You only need to call one of the three credit bureaus; the one you contact is required by law to contact the other two credit bureaus. This one-call fraud alert will remain in your credit file for at least 90 days. The fraud alert requires creditors to contact you before opening any new accounts or increasing credit limits on your existing accounts. When you place a fraud alert on your credit report, all three credit bureaus are required to send you a credit report free of charge.

4. If there is unexplained activity on your credit report, you may want to place an extended fraud alert on your credit report. If after reviewing your credit report you believe there is unexplained activity, you may want to place an extended fraud alert on your credit report. In order to do this, you need to file a police report with your local police department, keep a copy for yourself, and provide a copy to one of the three major credit bureaus. Then an extended fraud alert can be placed on your credit file for a 7-year period. This will mean that any time a user of your credit report (for instance, a credit card company or lender) checks your credit report, it will be notified that you do not authorize any new credit cards, any increase in credit limits, the issuance of a new card on an existing account, or other increases in credit, unless the user takes extra precautions to ensure that it is giving the additional credit to you (and not to an identity thief).

5. Contact the fraud departments of your credit card issuers or bank. You may want to contact the fraud department of the credit card company or bank that you used when you made purchases at the Target stores. These financial institutions can monitor your account for suspicious activity. You may also wish to request a new account number; you can discuss this option with your credit card company or bank.

6. If you are a victim of fraud or identity theft. There are many steps you will need to take to protect your identity. Please see Attorney General Martha Coakley’s Guide on Identity Theft for Victims and Consumers, at http://www.mass.gov/ago/docs/consumer/id-theft-guide.pdffor important steps you should take to protect yourself.

Additionally, Target has established a toll free customer help line. Callers from the United States may reach the help line at 866-852-8680. Target has also posted information on its web site.

In the wake of another major data breach in January 2007 at TJX Companies, Inc, the AG’s Office led a coalition of Attorneys General that conducted an extensive investigation into TJX’s data security policies and procedures in place when the breach occurred. In July 2009, TJX agreed to pay a total of $9.75 million and implement a comprehensive information security program, designed to safeguard consumer data. Massachusetts received more than $950,000 to aid efforts to protect consumers’ personally-identifiable information.

If you believe that you have been the victim of identity theft, you will need to take additional steps to protect your credit and your good name. For additional information, consumers may contact the Attorney General’s consumer hotline at (617) 727-8400, or view the Federal Trade Commission’s identity theft resource, available at www.consumer.gov/idtheft/.

_______________________________________________
Anne Johnson Landry
Committee Counsel and Policy Advisor
Office of State Senator William N. Brownsberger

Published by Anne Johnson Landry

Anne works as Committee Counsel and Policy Advisor to Senator Brownsberger.

2 replies on “Advice from Attorney General regarding Target’s credit card security breach”

  1. MassPIRG is circulating a useful set of tips to reduce risk of identity theft.

    See this link for their useful recommendations.

    In a recent email to members, they highlighted several points, including:

    (1) Don’t panic. Do check your credit card and bank account statements regularly for fraudulent transactions and report them immediately to your provider. The most likely use of the card numbers will be to attempt fraud on your existing accounts. You have strong anti-fraud protections by law.

    (2) Beware of “phishing.” Now that we know that email addresses and phone numbers were also taken, be aware of “phishing” emails or phone calls, even calls or emails purporting to be from your bank’s fraud department. . . .

    (3) Don’t pay for expensive credit monitoring services. You have the right under federal law to look at each of your three credit reports once a year for free at annualcreditreport.com. . . .

  2. The easiest thing to do is change your number. My bank recommended that and quickly issued a new card for my wife. Simplest thing is to just do it if you charged at Target between November 27 and December 15.

Comments are closed.