Skip to content
Link copied to clipboard

Losing an identity war

Target incident, and now Neiman Marcus, shows how vulnerable we still are.

WE HAVE TO face the truth: We've lost the battle to protect our identities. Once the information from our credit and debit cards has been transmitted, it's out of our control. The latest high-profile data breaches confirm that we are forever vulnerable.

In mid-December, Target said that criminals had forced their way into its computer system and gained access to customer credit- and debit-card information. Initially, Target said about 40 million shoppers were affected.

Last week, the retailer disclosed that the personal data for an additional 70 million customers had also been stolen.

With your personal information, identity thieves can do a lot of financial harm. They can gain access to your bank account, open utility or mobile phone accounts, or get medical treatment using your health insurance.

I hear a lot of stories about identity theft. A banker once told me his information was stolen during a data breach. Someone was able to get an auto loan with his information. Because the crook paid the loan on time, the victim had a hard time clearing the matter up.

In a full-page ad that ran in major newspapers, Gregg Steinhafel, Target's chairman, noted: "I know this breach has had a real impact on you, creating a great deal of confusion and frustration. I share those feelings. You expect more from us and deserve better."

Now we've also learned that luxury retailer Neiman Marcus was hit by hackers.

People are asking me if it's safe to use their credit or debit cards at the stores. Probably safer now, but you're still vulnerable because the bits and bytes that make up your personal information aren't in your hands.

Do the recent data breaches mean we should stop using plastic?

That won't happen. Even though studies show that people tend to spend more when they use credit and debit, we are a nation addicted to these conveniences. It's easier to swipe and spend than to save up and use cash.

Target has promised customers whose information was compromised that they will not be liable for any fraudulent charges arising from the breach. The company has partnered with Experian to offer one year of free credit monitoring and identity theft insurance to anyone who shopped at Target's U.S. stores.

Even with credit monitoring, your information can still be used by identity thieves. The notices you get are after the fact, after something suspicious or fraudulent might have happened. You might catch something early, but you can't totally prevent identity theft.

Still, we have to take whatever precautions we can. In the case of Target, go ahead and register. Go to creditmonitoring.target.com before April 23. You will receive an activation code that then must be redeemed by April 30. I thought it was ironic that as part of the registration process, I have to provide my name, email, address and Social Security number, all to verify my identity.

But here's an example of why you need to take steps to protect yourself: I got a call this week from someone claiming he could help insure me against hackers. Since I shopped at Target during the period of the data breach, I wondered if the suspicious call was the result of that incident. The caller tried to get me to divulge personal information. He provided some convoluted explanation about how he got my information. I listened for a bit and then told him I believed he was trying to scam me and hung up.

I've become paranoid about my personal information, so my husband and I have set up systems where we get regular text and email alerts connected to our credit cards and bank accounts. Knowing that your personal information can't be fully protected, be as vigilant as possible. Be your own privacy cop. Scrutinize your credit- and debit-card statements. And given the breaches that have happened and will happen, don't trust until you've verified anything and everything anyone says.