Friday, December 20, 2013

Merry Christmas From Target


Merry Christmas, and oh, by the way, if you used your debit or credit card at any one of the more than  1,700 Target Department stores in the US between Nov. 27 and Dec. 15 your personal credit/debit card information has been stolen.

About three weeks after the first data theft, a blogger “Krebs on Security,” wrote about the intrusion into your personal financial card data.  40-million customer records were compromised in that three week period, But that is not the worst credit card hijacking.  Six years ago hackers got into the T. J. Maxx system and got away with 90-million customer records, and in 2009 thieves made off with 130-million stolen card numbers from the Heartland Payment Systems computers.

The Privacy Rights Clearinghouse claims 621,955,664 credit card files have been reported stolen since 2005, and the group says that’s only the data reported stolen.  The experts say it’s probably many more than that.

There are a number of issues to consider – whether you are a customer of a store like Target, or an investor, or an executive or an employee.

Millions of customers have been potentially ripped off and it took almost three weeks before the company told anyone about it.  That won’t encourage customers to come back, or people to want to work there.

The company posted a formal “letter to customers” on its website, but you had to be alert to find it – the link to the “letter” is in the upper margin of the home page.  When you click on it this is where you end up:

Various so-called experts claim the hackers can sell those 40-million customer records for anywhere from a quarter to $45 each….multiply that by 40,000,000.

My advice to decision makers of retail outlets is to respond quickly if you are a victim.  Secondly you should find a common voice and insist American credit card companies immediately adopt the European “smart-chip technology” which has been spreading throughout much of Europe since 2002.

And every retailer should encrypt their credit card transaction process from the device on which the customer swipes his/her card, through the stores’ network, to their bank and credit card issuer.

And on top of that, every business, small or large, should anticipate what can go wrong and take steps to prevent the “wrong” and simultaneously plan for what you will do and say if it happens anyway.  




No comments:

Post a Comment