As regular readers of the ITRC blog already know, data breaches can occur in a variety of ways. Either by hacking, employee error or negligence, or some form of physical theft, access to customer information is given to criminals who may then use that information for illicit purposes.
The compromise of millions of consumers’ information now has Target sending out millions of data breach notification letters and emails to victims and potential victims all over the country. If you’re among that population, you may have already received some form of communication from Target informing you of the potential exposure of your information and what you might do about it.
It’s no longer an “if” you’re the target of a data breach; it’s just a matter of “when.” Data loss incidents are becoming an unfortunate rite of passage. More and more businesses have found themselves exposed and ill prepared to manage the fallout.
This is the second part of a three part series regarding the recent Target data breach incident. In Part I, we actually expressed appreciation for some of the positive outcomes of this data breach.
The Target breach can now be added to a long list of historical events that occurred on December 19th. It should rank somewhere between King Henry II being crowned King of England in 1154 and Italy besting Chile for the 65th Davis Cup in 1976. At least we hope that is the case.
Target Corporation confirmed on December 19, 2013 that approximately 40 million of their customers’ credit and debit card accounts may have been compromised. The unauthorized access occurred between November 27 and December 15, 2013, meaning anyone who shopped at Target and used a payment card during this time period may be at risk for fraud.
It’s never fun to receive a breach letter in the mail. Out of nowhere, you’re informed that through no fault or ill-advised action of your own, your personally identifying information (PII) has been compromised and may have been exposed for all the world to see. This can cause panic on the part of the consumer. As we at the ITRC often see firsthand, in addition to being scary, it can confound and confuse. What information was exposed? What does this mean? Am I a victim of identity theft? What should I do now?