Due to the wide scope of those affected, I thought I would share a message offering some good advice to Americans in light of Target’s massive security breach and theft from U.S. PIRG Executive Director, Andre Delattre:
Target now admits it wasn’t 40 million consumers who had their credit and debit card numbers stolen in December — it was between 70 and 110 million consumers.
And it wasn’t just credit card or debit card numbers and their security codes and expiration dates that were taken. Target now admits that the heist included names, mailing addresses, phone numbers, and email addresses.
Passwords were also taken from Target customers, but they were encrypted, so you shouldn’t have to worry about thieves cloning your card to use in ATM machines.
Companies need to do a better job protecting our personal information. That’s clear. And we will help make sure Target is held accountable.
But what should you do now to help protect yourself? Here are tips from our expert on fraud and identity theft, consumer program director Ed Mierzwinski:
(1) Don’t panic. Do check your credit card and bank account statements regularly for fraudulent transactions and report them immediately to your provider. The most likely use of the card numbers will be to attempt fraud on your existing accounts. You have strong anti-fraud protections by law.
(2) Beware of phishing. Now that we know that email addresses and phone numbers were also taken, be aware of “phishing” emails or phone calls, even calls or emails purporting to be from your bank’s fraud department. When a thief has some of the information needed to commit identity theft, he will call or email you to try to get the additional information needed to open new accounts in your name.
Never click on any links in emails, even if they appear to be from your bank. Never give any information to anyone who calls you, even if the caller says something like: “I am going to tell you your account number to verify that this is a legitimate call.”
If you are concerned about information from a call or email, don’t reply directly. Instead, call the number on the back of your card and ask for the fraud department.
(3) Don’t pay for expensive credit monitoring services. You have the right under federal law to look at each of your three credit reports once a year for free at annualcreditreport.com. You can stagger these requests — one every four months — to do your own credit monitoring at no cost.
If you suspect you are a victim of identity theft, you can call each bureau directly for an additional free credit report. And if you live in CO, GA, MA, MD, ME, NJ, PR or VT, then under state law you are eligible for yet another free report annually by calling each of the three major credit bureaus.
(4) So long as you can avoid running up credit card debt, always use credit cards in stores or online. Your rights are stronger by law with credit cards than debit cards, and you don’t run the risk of missing funds from your checking account for weeks while the bank conducts a fraud investigation.
Please let us know if there is anything else we can do to help.
U.S. PIRG Executive Director
 Elizabeth A. Harris and Nicole Perlroth, “For Target, the Breach Numbers Grow,” New York Times, January 10, 2014.
 Aaron Katersky and Susanna Kim, “Target Admits Customer PIN Data Removed but Says It’s ‘Secure’,” ABC News, December 27, 2013.