targetMega-retailer Target has confirmed reports that it suffered a major data breach effecting as many as 40 million credit cards  (although since that announcement, the figure has jumped to 110 million cards.   Got your breath back?  Good, there’s more;  the full extent of the breach is still unknown with other retailers joining the list.   The details are nicely documented in a New York Times article.   More recently, authorities have warned that scammers are using the Target hack in trick consumers into giving up important personal information.  Oh, and watch out for a $9.84 charge  (more on that at the end)  In a nutshell, here’s ‘s what to do….and not what to do to protect yourself from the :

DO:  

Check the purchases for any credit or debit card that you have used to make a Target purchase between June 1 and December 15, 2013.   Initially, Target indicated that the breach didn’t occur until after Thanksgiving but the company’s tune is changing;  it admits that it doesn’t really know exactly when the breach began. Go online to the credit card issuers and check your recent activity on any card that you used at Target during that time period.

Be concerned about any unidentified debit card purchases.   With debit cards, your maximum liability is $50, if you notify the bank within two days. After that it jumps to $500. You could lose all the money that was stolen from your checking account if you fail to report the fraud within 60 days of getting your bank statement

DON’T:  

Respond to any texts, phone calls or emails from some who says they are from Target and are seeking social security numbers or other personal information.   If the e-mails are offering free credit monitor, please know that Target provides a link to a website where you can receive an activation code for a free credit monitoring service. After going to that website, creditmonitoring.target.com, and providing your email address, you will be sent another email where “activation code” is mentioned in the subject. You are then asked to follow another link within that email where you can finally sign up for the credit monitoring service.

Worry about credit card purchases that you can’t identify.   Federal law limits responsibility for unauthorized credit card charges to $50.

Change your debit card PIN.   Target maintains that any PIN information was encrypted and cannot have been used by the hackers.

Place a credit or security freeze on your credit reports.    Security freezes prevent criminals from opening new accounts in your name using your drivers license, social security number or some other personal identification.   This is not the kind of information that was stolen from Target.

Purchase any credit monitoring services.   They won’t help protect you from unauthorized credit or debit cards.

Don’t necessarily believe what Target is saying because the full extent of the data breach is still not fully known….probably to the company and definitely not to the public.

Not Sure

To its credit,  Target is trying to make amends to its customers.  The company took a big hit as a result of this data loss — its Xmas was not merry at all as the company lost money and market share over the all-important holidays.   One of its Not-So-Merry-Christmas gifts to its customers is a one-year free subscription to a credit monitoring service.     As a given rule, these services aren’t worth the money they often charge.   However, given that the price is pretty reasonable (FREE),  if you are a Target customer you may want to consider signing up when the company has its ducks in a row……..signup isn’t available as of January 10, 2014.   Just make sure that you don’t accidentally get enrolled in one of these sneaky automatic-renewal deals.   We’ll continue to monitor Target’s offer and watch for traps in its credit monitoring deal.

Target is not the only retailer to have been hacked.   Reportedly Neiman-Marcus also was victimized by the same set of hackers.   Michael’s recently announced it was hacked and more retailers are expected to admit similar breaches.   Moreover, other retailers are apparently viewed as ripe of the picking by cyber-criminals.    Increasingly, consumers will need to remain diligent about reviewing their credit card statements for authorized charges.   As the New York Times reported,  the complaints generated by consumers who spotted authorized billings were the first warning sign of the massive scheme.

One other word of warning.  Actually, it’s a number:   $9.84.   This is the amount of a charge that some consumers are finding their credit card bills.  They are fraudulent charges and you should alert your bankcard provider about it.  One intrepid researcher looked into the origin of this particular $9.84 charge and it took him through a labyrinth of 230 websites finally leading to a handful of individuals located in London, India and Cyprus.

<