Originally published by the Clarion-Ledger on 2/1/14 and in the print edition on 2/7/2014.
It seems we can hardly get through a news cycle these days without hearing that now-familiar refrain: (No, I’m not talking about disgusting cruise ship infections; that’s another post.) Another company has announced huge “data breaches”, in which consumer information has been stolen, or at least subject to possible theft.
In recent months, there have been some data breach events of seismic proportions, and probably many more we haven’t heard about:
In November, Target customers’ data were stolen; initial reports showed around 40 million Target shoppers were potential victims; later reports said the damage was actually much worse.
This week, Michael’s arts and crafts stores announced the Secret Service is investigating a possible compromise of customer data.
Earlier in January, high-end retailer Neiman-Marcus announced a major data theft, resulting in undisclosed damages. http://www.pcworld.com/article/2087040/neiman-marcus-notifying-customers-after-card-data-breach.html
So what’s going on here?
Expert opinions vary on the specifics, but nearly everyone is alarmed at the recent rise in attacks; not for their number, but for their sophistication. The ubiquitous use of credit and debit cards (and the resulting decline of cash) is making data theft potentially more lucrative. And there appears to be an arms race between thieves and their targets, who install ever-more-sophisticated security, only to find themselves challenged by well-funded criminal organizations with money and resources. They learn as they go along.
What, if anything, can we do about it? Well, most experts agree that the solution lies in a mix of strategies.
In an instructive article in PCWorld, writer Tony Bradley notes that retailers must step up to the plate with sophisticated “end-to-end” encryption of consumer data at the point of sale. More sophisticated technology at the customer end, Bradley writes, would help, including things like smartchips on cards and better identity-verification technology.
But, as when dealing with any potential thief, it’s important to remember that if a determined and well-funded thief really wants what you have, he’s probably going to get it. The trick is to make you a less-juicy target. Just as installing a steering wheel lock isn’t a 100 percent guarantee against someone stealing your car, it can make your car less attractive because of the extra time and effort required.
Here are few things you can do right now.
Protect your PIN code, and change it often. Never store your PIN with your card.
Check your bank and credit card statements constantly. If you see suspicious charges, contest them immediately.
Don’t respond to any email that looks like it comes from your financial institution; if you’re concerned, call them and ask whether the message is legitimate.
Consider monitoring your credit. In the case of data breaches, many companies offer this service free to anyone who might have been victimized.
Finally, remember that with the convenience of carrying that piece of plastic, comes ever-increasing risks. You could choose to live “off the grid” and pay for everything in cash, but most of us aren’t ready to make that transition. I suspect that until we are truly safe from these criminals, the best thing we can do is to be vigilant.