Corporate security breaches seem to make news headlines almost daily. Companies like Target, Sally Beauty, eBay, and more have recently been the victims of large-scale security breaches that resulted in millions of customers’ personally identifiable information being stolen. That information is usually credit card information—data which is easily and immediately profitable—but can also include names, addresses, emails, Social Security numbers, and more.
In the case of this month’s PF Chang’s security breach in which millions of credit card numbers were stolen, the company’s corporate headquarters wasn’t even aware of the hacking event until it was brought to their attention that the credit card numbers were now for sale on a website that specializes in this kind of crime. A site that authorities believe may be based out of Russia is selling entire batches of card numbers to eager thieves, and one of the unifying factors in all of the cards is that they were used in a PF Chang’s restaurant location between March and May of this year.
Before you go check out the site to see if your card is listed…don’t. First of all, you won’t see any credit card information without signing up as one of their underhanded customers and paying for card information. But even going to the site could open you up to malware that infects your computer and retrieves even more of your data.
But what do hackers actually do with the information they steal? They sell it to their own customers. Their customers pay that website for information such as your credit card number, then turn around and use your card number for either online purchases or by attaching your data to the magnetic stripe on the back of a blank card. They can even sell these replicas of your credit card and turn a quick profit.
This is yet another case of corporate theft in which millions of victims did nothing wrong but were still subjected to potential identity theft and financial fraud. Short of never using a credit card or debit card, there isn’t a lot that consumers can do to prevent this kind of breach. However, it is certainly an example of the kinds of diligence that consumers must practice in order to protect themselves as much as possible.
First is to always read your credit card statements carefully, looking for any unauthorized charges or suspicious activity. You can also sign up for alerts from your credit card company, which will send you an email or text message any time a charge is made without your card being present. Also, choosing to do business with credit card companies who have a proven track record of watching their customers’ accounts for this kind of problem is a good idea.
This kind of awareness can help minimize the damage from a security breach and give you all of the necessary paperwork to file a police report and clear this up with your credit card company. Remember to take all news of a breach seriously, and treat even the hint that your information was compromised as a serious issue.
If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center's Anyone3 fundraising campaign. For more information or to donate please visit http://www.idtheftcenter.org/anyone-3.