TargtThis post is dedicated to alerting or even alarming all reader friends about the absolute need for CAUTION when using credit and debit cards – anywhere. If I could, I would shout from the top of the Internet Cloud — BE CAREFUL! BE CAUTIOUS! Your cards are not as safe as you think they are!

Well, that sounds a bit over-reactive, you might say. What’s bugging you, you ask? Still fretting over that Target thing way back on Black Friday, you sigh?

Guilty on all counts, I respond! If anything, I am not being reactive enough! Is something bugging me? – You bet it is! Actually I’m very bugged about what may be bugging, or hacking all of us, even as you read this! Fretting still over that Black Friday thing? Fretting doesn’t come close to what I feel as I continue to read about what really happened in the data breaches at Target, et al retailers….

I care about your security and I want you to be informed beyond the front page spin you get from the news. The retailers don’t want you to know all the scary details about their headlining data breaches because they can’t afford to lose your business. But you can’t afford to continue to do business as usual with them, because it is YOU who stands to lose the most. If you care about your safety and security, please read on…

What I want to share here are some under-reported details about the data breaches so that you can better understand your current and future threats. Then, in a coming post, I’ll try to help you learn about the new credit and debit card technologies and strategize about the realities concerning use of credit and debit cards.

Target Black Friday Data Breach

Please realize that Target thing was bigger than first reported! At Target alone, “instead of affecting approximately 40 million of their guests, Target now fears that the security breach could ultimately affect approximately 110 million people…. It turns out that the thieves didn’t just obtain your credit card numbers; they also have your names, phone numbers, mailing addresses, and e-mail addresses.”1 The credit and debit card data supposedly were dropped to servers in several places including Russia and Brazil. Knowing that some crooks in Russia have my credit card information AND know where I live is very disturbing!

Oh, by the way – that Target thing on Black Friday actually was a more prolonged activity than just Black Friday. The major news outlets gave some sanitized versions on the dates. It has been discovered that confidential information was harvested between November 27th and December 15, 2013. But here’s an even more creepy thought – the hackers were actually in the entire Target system, undetected, for weeks prior to the harvest, infecting POS (point of sale) systems and testing the efficiency of their malware. 2

Neiman Marcus and other Retailer Breaches

After the Target breach was made public, Neiman Marcus and two other yet to be named retailers reported their own breaches as well. The Neiman Marcus breach affected possibly a million customers. Although not confirmed, one of the other retailers could be Michaels.3  Michaels reported credit card breaches in 2010 as well. 4 Have you made any credit/debit card purchases at Neiman Marcus or Michaels since last fall?

White Lodging Data Breach

There are recent but under-reported breaches as well, like the one involving White Lodging, a hotel management group in Indiana which manages 168 hotels in 21 states, including Marriott, Starwood, Intercontinental and other brand hotels. In mid-2013, thousands of hotel guests’ credit and debit card information were compromised. However, information is just now (Feb. 2014) making back page news.5

In Technology We Trust – NOT

You might have noticed that details about the retailer breaches are slow to come forth. That’s predictable. Retailer’s sales are impacted by consumer’s trust in their brand. Negative news especially about inadequate security measures and technologies to protect the customer’s confidential data is a trust buster! Consider that it took Target 4 weeks to notify its customer about the data breach! And when Target did make a statement, its spin was on being a “victim” in the breach.

Well, that may be one way to look at it. But there is also a lot of high tech scrutiny about Target’s compliance (or non-compliance) to credit card standards as well as whether Target used “best practice” security technologies concerning its POS (point of sale) system and its network infrastructure. Lawsuits about these issues are already in the works.

For damage control, Neiman Marcus had to come forward about their data breach after Target’s breach announcement. Customer protection does not seem to be the motivator for the retailer confessions.

So please don’t get lulled into a false sense of security just because the news is not reporting any more details. The lack of reporting is not a sign that the storm is over.  It is not!  Who knows who the next retailer will be to confess a breach? Who knows how many more breaches are still unreported? That the US Secret Service is involved in some of these investigations might put some perspective on the severity of these breaches…

OK. Does any of this information cause a feeling of alarm in you? I hope so! And if so, I hope you understand the need for CAUTION!

So what do I do now, you ask? For starters, stay informed. What you don’t know can hurt you!

• Don’t let that thing at Target move off your radar screen. Keep watching how it plays out. Out of sight – out of mind is a dangerous attitude when it comes to self-protection.

• Be sure your information comes from current, accurate, informed and well documented sources.

• Understand that the speed of change in technology is mind boggling. Yesterday’s standards will probably not hold up under tomorrow’s threats and challenges. Don’t trust old information and technologies…

I’ll post soon more information about credit and debit cards – the “new” technology changes; what you need to understand about them to make informed choices; and strategies to be proactive in guarding yourself against credit and debit card fraud.

In the meantime —

Be Cautious. Be Aware. Be Informed.


2 http://krebsonsecurity.com/2014/02/these-guys-battled-blackpos-at-a-retailer/#more-24517
3 http://www.nytimes.com/2014/01/26/technology/michaels-stores-is-investigating-data-breach.html?_r=0
4 http://www.massdataprivacylaw.com/crime-talk/michaels-data-breach-hits-massachusetts/
5 http://www.nbcchicago.com/news/local/White-Lodging-Investigating-Reported-Data-Breach-243230421.html