Credit Card Data Breaches: How to Handle Them

Credit Card Data Breaches: How to Handle Them

Data breaches occur so often that you might catch a news story about one – such as the Capital One breach that affected 106 million customers or the recent Equifax data breach settlement – and brush it off.

But don’t ignore it. If your data was part of a breach, you might already be in the crosshairs of a fraudster who plans to use your stolen information to take over a credit card account or start new ones.


Protect yourself by learning about recent data breaches, how to prevent and spot fraudulent activity in your accounts, and what to do if your credit card accounts are breached.

What Is a Data Breach?

A data breach is when sensitive information – such as confidential personal information you’ve entrusted to a company – is stolen. This data could include your credit card account numbers, email password and Social Security number.

Data breaches are a likely reason for the dramatic increases in identity fraud in recent years. A 2018 study from Javelin Strategy & Research reports that 6.64% of consumers became identity fraud victims in 2017, an increase of more than 1 million victims over the previous year. Also, losses from account takeovers reached $5.1 billion in the same year.

What Are Some Recent Data Breaches?

You may have heard about the data breaches on this list – or been personally affected by them.

  • Capital One data breach. The breach announced in July 2019 involved exposure of 140,000 Social Security numbers and 80,000 bank account numbers from consumers and small businesses in the U.S. and Canada.
  • Marriott/Starwood data breach. From 2014 to 2018, the Starwood guest reservation breach included some payment card information.
  • Equifax data breach. An estimated 147 million consumers were affected by a breach announced in September 2017.
  • Lord & Taylor/Saks Fifth Avenue data breach. The company announced in 2018 that payment card information for 5 million customers was obtained between May 2017 and April 2018.
  • Orbitz data breach. About 880,000 payment cards were affected by this breach, which occurred throughout 2016 and most of 2017.
  • Sonic Drive-In data breach. A malware attack resulted in the release of an undetermined number of credit and debit card numbers from some store locations, the company announced in September 2017.
  • Target data breach. Data was stolen from up to 40 million credit and debit cards during the 2013 holiday season.

What Happens After a Data Breach?

When you hear about a data breach that could affect one or more of your credit card accounts, review your account activity and take steps to prevent future problems.

“In many cases, nothing happens” to personal accounts after data breaches are announced, says Rod Griffin, director of consumer education and awareness at Experian. “That’s a best-case scenario.”

But even if you’ve weathered one, or several, data breaches with no consequence, take each incident seriously. When fraud does occur, it can hit with hurricane force.

A fraudster could take over your credit card account using your stolen account number and password and use it to make purchases or take out money. This is known as account takeover fraud, a form of identity fraud. Also, someone could use your stolen personal information to open new accounts, which is classic identity theft.

“The challenge with data breaches and identity theft in general is that there is no set time frame for when the stolen information might surface,” Griffin says. “In some cases, particularly for an account takeover, you might see activity in a matter of days or weeks. In other instances, your stolen identifying information might not be used for months or years.”

How to React to a Data Breach

If your credit card account or other financial accounts have been breached, act quickly, even if it seems like fraudsters aren’t. “Rapid response is crucial to stopping fraud resulting from identity theft,” Griffin says.

With that in mind, experts recommend you take steps right away when you learn your personal information or accounts were exposed:

  • Review the company’s instructions in the breach notice, and visit the official consumer website for more information.
  • Take advantage of credit monitoring services if they’re offered at no cost, Griffin says.
  • Consider adding an initial security alert to your credit report, and get a free copy of the report. “It’s unlikely that information exposed in a breach will appear right away, but knowing what is in your report can ensure that your information has not yet been used to commit credit fraud,” Griffin says.
  • After reviewing your reports for accuracy, get a credit freeze, Ulzheimer says. Credit freezes are now free through all three credit reporting bureaus – Equifax, Experian and TransUnion – thanks to a law enacted in 2018. It’s important to review all credit reports before the freeze, Ulzheimer says, because “if your credit reports are compromised, then freezing them doesn’t uncompromise them.”
  • Check your mail and review billing statements for any signs of fraud.
  • Sign up for a notification service through your credit card company. “You can set up alerts so every time that card is used, you immediately get a text message that the card was used at this merchant for this amount of money,” Ulzheimer says.

What Can You Do About Account Takeover Fraud?

When your credit card account has been taken over, it’s important not to panic, Ulzheimer says. Remember that your liability for the fraudulent charges on the cards is likely limited.

The Fair Credit Billing Act limits consumer liability for unauthorized use of a credit card to $50. If your credit card number is stolen, but not the card – which is the case in a data breach – you won’t be liable.

The first step is to contact the credit card company as soon as possible about the breached account and disputed charges.

“Once you report that to the card issuer, they’re going to close the account” and send you a new card with a different number, as well as sort out with you which transactions belong to you, Ulzheimer says.

You’ll likely have other calls to make and emails to send, such as changing your account number for everything you pay via autobill to your card. Check your credit report and other financial accounts to be sure there are no other signs of fraud.

Also realize you’re not the first – or the last – to deal with this issue.

“Welcome to the club,” Ulzheimer says. “Almost every person has had their credit card compromised at one time or another.”


Source:- usnews


About rajtechnews