I'd like to talk a bit about next steps. If you've been the victim of a data breach... what next?
First... for consumers. Target is a retail company and the direct victims of the breach are those of us who shopped at a Target store during the dates in question. Consumers have two concerns here: credit card fraud and identity fraud. (I don't like the term "identity theft" even though it is commonly used. No one can steal your identity... you still have it. They can improperly discover, and misuse, the details... a.k.a. fraud.)
People who did shop at Target should take 2 simple steps:
- watch your credit card statements;
- if anything looks wrong: report it to the credit card company; get the charges removed (if appropriate), and; close the account.
- regularly get copies of, and review, your credit reports from each of the 3 major credit reporting agencies; (here's info from the FTC, Experian and FICO)
- regularly review all your bills, watching out for: unknown accounts, and ; unusual or incorrect charges;
- sign up for credit monitoring (here's info from all three bureaus in the US)
- have "plastic surgery" - reduce the total number of accounts you have, particular credit accounts (yes... I know some people feel that you should keep accounts open for credit score purposes but that is too much to cover here. Here are two great Money Girl podcasts on the subject.)
- file a police report - the police won't do anything about your issue, but this report helps to establish the official record
- file a report with the FTC
- be stingy with personal information - be careful what you give out
- weigh your wallet - and only carry what you need
- shred it - statements, bills, account information, personal documents when you don't need them anymore
- of course... protect yourself online by being careful with your clicks and practicing good password hygiene and management as I covered in this series of posts.
In a future post I'll talk about the corporate side of this breach and discuss Incident Response and Management.