Millions of people are watching their credit card and bank statements closely due to recent payment system security breaches at Target and Neiman Marcus. The compromises have involved not just account numbers, but names, addresses, and other sensitive personal information.
The Consumer Financial Protection Bureau (CFPB) has published some advice for customers on how to protect themselves and where to get help if they are concerned that their information has been leaked.
The advisory on the CFPB website, provides information on what to look for following a data breach. Steps to take include monitoring accounts for unfamiliar charges, alerting banks or credit issuers immediately if there is any suspicious activity found, following up complaints in writing, and avoiding giving out personal information over the phone.
They also note the importance of keeping adequate records of all communications with banks and credit card issuers. The CFPB guidelines instruct consumers that when making a call, they should note the time and date as well as the name of the person spoken with. Copies of all written communication should be kept on file. That way if there are any questions later, folks have documentation.
Debit, credit and prepaid cards
Over 70% of Americans carry at least one credit card, according to the CFPB. But debit cards are more commonly used for consumer purchases than credit cards, with prepaid card use increasing steadily.
Prepaid and debit cards are not more vulnerable to being compromised, but it can create a bigger headache for consumers if fraud is committed because funds are drawn directly from bank accounts or prepaid account balances, essentially draining the victim of funds immediately.
With credit cards, customers are not liable for fraud that occurs because of a stolen account number. That is federal law. However, with debit cards, unauthorized charges must be reported in a timely fashion. If the charge appears on a statement, but the actual card has not been stolen, customers must report the charges within 60 days. If the actual card or PIN has been lost or stolen, then the unauthorized charge must be reported within 2 business days in order to limit cardholder liability.
Card fraud may occur months after a breach, so consumers should continue to monitor their accounts closely. If they used a credit, debit or prepaid card at a retailer within the time period that a breach was active, customers may want to call their card issuers and request a new card and account number. Changing their PIN is also a smart idea, according to the CFPB.
Target is offering free credit monitoring for individuals affected. Keeping an eye on credit reports, as well as payment accounts, is a good idea following a widespread security breach.
If consumers are unhappy with the way their bank or credit card issuer responds to concerns about fraudulent charges, the CFPB urges them to make a report. They can do so via the CFPB website complaint form, located here.