It is now pretty clear that hackers unleashed malware into Target’s point of sales terminals (what we used to call cash registers) to steal the payment card information from over one hundred million customers; the retailer’s chief executive has confirmed that fact. Oh, and this just in – Neiman Marcus has belatedly admitted that hackers breached their credit security over the holidays and even though they are not releasing the number of customers affected, that number might be in the millions, too.
In the wake of this huge rip-off, there is a tiny bit of good news for credit card users who are victims in the 2013 holiday nightmare, or who are worried about losing their data the next time they swipe their card: new Payment Card Industry Data Security Standards scheduled to take effect will make it harder for cybercriminals to steal your information. This attempt at consumer conciliation sounds good, but there is a huge downside: it’s going to be two long years before the tougher standards are implemented.
That’s pretty unbelievable, considering that as of January 1, 2014, one hundred and ten million Target customers and an undisclosed number from at least three other major retailers are at risk for having their identity stolen! And in another blow to consumers, merchants and others who process credit and debit card payments have until October, 2015, to replace the magnetic stripes that hold customer data with chip-and-pin technology.
The technology, already widely used in other countries, makes it much harder for criminals to steal information. Yet despite the current risk to their customers, major U.S. retailers have orchestrated a concerted effort to prevent issuance of these encoded chip cards, citing enormous refitting costs that could wreak havoc on their bottom lines. So while the opportunities for thieves to plunder credit card data rise exponentially, U.S. consumers meekly continue to use the magnetic strip cards, a completely hackable technology dating back to the 1960s.
There is a major lesson to be learned here. Until the new standards are in place and the new technology arrives, the mantra of American shoppers should be this: be circumspect in your credit card use and don’t use a debit card at all! If your bank tries to issue you a debit card, request a PIN-only ATM card, and only use that card to withdraw cash at your bank’s Automated Teller Machine. Do not use it for purchases. The PIN doesn’t provide perfect protection, but it takes a more sophisticated skimmer to capture the PIN number, and the PIN is never legitimately stored in merchant databases where it can be stolen by hackers. When you stand in a checkout line preparing to swipe your card at another poorly securitized POS terminal remember this: when someone steals your credit card number, they are only stealing your credit card bank’s money, but when someone steals your debit card number, they can suck money straight out of your checking account. And, if you don’t report the abuse within two days you can lose as much as $500, and if you don’t report the activity within five days, expect to see your bank account drained dry.
Credit and Debit Card info MIGHT get harder to steal in the wake of Target Hack – ©2014 Money Movers, Inc.