Protect Yourself Before & After a Data Breach
By Amy Maliga, Take Charge America
Last holiday season’s large-scale Target data breach and other breaches throughout 2014, including Home Depot, Lowe’s, Staples, and Michaels, are leaving consumers increasingly concerned about the security of their personal and financial information. According to the Identity Theft Resource Center, 2014 has already seen a total of 644 data breaches spread across the retail, financial, health care and education sectors, with more than 78 million consumer records exposed.
As we dive deeper into this year’s holiday shopping season, it’s important to think about guarding your information and minimizing the damage, should it become compromised. Here are several ways you can protect yourself and your data, both before and after a data breach.
Before a Data Breach
- Pay in Cash. Using cash to pay for purchases in-store eliminates exposing your credit card, debit card or PIN information to a data breach. Paying in cash can also help you stick to your budget and minimizes the temptation to overspend because once it’s gone, it’s gone. If you’re concerned about missing a great online deal, research the item online first then ask the brick-and-mortar store to price-match.
- Save Receipts. Whether you’re paying in cash or using a card, save receipts for all your purchases. You’ll need them for returns or exchanges if you’ve paid in cash (since the retailer won’t be able to do a card lookup). And if you use your card and there’s a breach, you’ll want to be able to compare receipts to the charges on your statement to verify they’re valid.
- Stay Informed. Not every data breach will make national news. You can stay informed and find a regularly updated list of data breaches here.
After a Data Breach
- Keep an Eye on Your Statements. Pay extra attention to your credit card statements or checking account activity (if you used a debit card). Contact your card issuer or bank at the first sign of any unauthorized charges.
- Beware of Phishing Scams.Scammers will often capitalize on news of a data breach as a way to gather personal information through phishing emails. Remember that your bank, credit union, credit card company, or any other legitimate financial institution will never ask you to share personal information, account numbers or your Social Security number via email. If you receive communication asking for that information, call the institution in question directly using a phone number you look up yourself – not the one provided in the email -- to verify the request.
- Take Action Immediately– If you’re concerned your information has been compromised in a data breach or through any form of ID theft, you should first place a 90-day fraud alert on your credit report with each credit bureau:
Then follow these detailed identity theft recovery steps suggested by the Federal Trade Commission.