Target’s credit-monitoring offer not enough, experts say

The Sacramento BeeApril 1, 2014 

John J. Mulligan, Target Corporation’s chief financial officer and executive vice president, testifies before the Senate Commerce Committee last week in Washington, D.C., about recent cyber attacks on Target retail stores and security breaches of consumers’ financial information. During the holiday shopping season, personal data from millions of Target customers were stolen by hackers who targeted credit card terminals in its stores.

J. SCOTT APPLEWHITE/THE ASSOCIATED PRESS

When Target Corp. announced in December that 110 million of its customers’ payment and personal records had been breached, the news was unsettling — both because Target is such an iconic brand and because the breach was so invasive.

“Target really demonstrated there are now three certainties in life: death, taxes and breaches,” said Adam Levin, chairman of Identity Theft 911, a company that provides identity theft recovery and other services.

Target certainly isn’t the only retailer to have been hit — Michaels, Neiman Marcus and most recently Sally Beauty Supply have reported exposure of customer data — but it’s definitely among the biggest ever. According to Minneapolis-based Target, about 40 million customers’ debit and credit card information was exposed, as well as 70 million customers’ phone numbers, mail and email addresses.

Separately on Monday, it was reported that Franciscan Health System also suffered a data security breach through a phishing scam potentially affecting 8,300 patients.

Meanwhile, Target has been busily doing damage control, issuing apologies, testifying before Congress and contributing $5 million to a nationwide cybersecurity campaign. The company’s profits have plunged as wary consumers stayed away and Target still faces dozens of lawsuits by banks and others.

The company has offered Target customers free credit monitoring for a year. But the deadline is fast approaching. Consumers have until April 23 to get signed up for the free offer. The free service is not limited to customers who shopped during the apparent data breach period, which Target initially identified as between Nov. 27 and Dec. 15. Instead, the free credit monitoring is open to anyone who shopped at Target. Ever.

If you share a credit card with a spouse or partner, both can sign up individually for free credit monitoring, which is provided by ProtectMyID, a subsidiary of Experian, one of the country’s three main credit reporting bureaus. You’ll get an alert any time there’s a change to your credit report, including newly opened accounts, new credit inquiries and new negative information, such as payment delinquencies. The offer also includes:

 • A free copy of your credit report by Experian.

 • Identity theft help. If confirmed as a victim of identity theft, you’re assigned a “fraud resolution agent” to walk you through the resolution process and answer step-by-step questions.

 • Identity theft insurance: Victims are covered for certain costs, such as lost wages, private investigator fees and unauthorized electronic fund transfers.

Target’s credit monitoring is good for 12 months; after that, consumers can choose whether to continue the service on a paid basis.

To apply, go to target.com/databreach by April 23. You’ll be given an authorization code, which you type in at ProtectMyID.com. The sign-up must be completed before April 30. To ensure the credit monitoring goes to the correct account, you’ll be asked to provide your name and Social Security number. Target says it will not have access to any customers’ Social Security numbers.

But for those who sign up, it’s no guarantee that cybercrooks won’t steal your identity and wreak financial havoc in other ways, such as using stolen credit/debt card info to siphon money from your accounts.

“The service Target is giving away only monitors one of your three credit reports, which is like locking one of the three doors to your house,” said John Ulzheimer, a longtime identity theft and credit reporting expert who writes for Mint.com and CreditSesame.com. Credit monitoring is effective only when someone is using your personal information to apply for new accounts, such as car loans or credit cards, said Ulzheimer. “And in that case, the consumer better hope the lender pulls their Experian credit report or the free credit monitoring service won’t set off any alarms.”

Target’s free credit monitoring applies only to a consumer’s Experian credit reports, not those of Equifax or TransUnion, noted Ulzheimer, who previously worked for Equifax.

There are other tools for consumers to protect themselves. Among them:

 • Get free copies of your credit reports once a year from each of the three credit reporting bureaus (Experian, Equifax and TransUnion) by going to annualcreditreport.com or call 877-322-8228.

 • Visit sites where you can obtain a free credit score, such as Credit.com, CreditKarma.com, Quizzle.com or CreditSesame.com.

 • Check your bank and credit card statements routinely, daily if possible.

 • Ask your bank or credit union about “transactional monitoring,” where they notify you by email or text whenever a transaction is unusual or occurs above a certain amount. Many credit card issuers already do this automatically.

In general, “If someone calls, texts or sends you an email asking you to do anything (related to your financial life), hang up,” said Levin. “If someone communicates with you out of the blue, claiming to be a retailer, the IRS or some other (agency), that’s when you have to be in control.” Never click on unfamiliar links in emails. Never carry your Social Security card with you.

The type of credit monitoring service that Target is offering isn’t unusual, said Ulzheimer, noting that other companies with data breaches have also made it available.

Should you sign up? Any time you’re given a chance — for free — to get a glimpse of activity in your credit files, you should “absolutely take advantage of that opportunity,” said Levin. “It’s a chicken soup moment: ‘What can it help?’ But the real question is, ‘What can it hurt?’”

The News Tribune is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service