It was the data breach that shook the retail world. When Target announced in December that 110 million of its customers’ payment and personal records had been breached, the news was unsettling – both because Target is such an iconic brand and because the breach was so invasive.
“Target really demonstrated there are now three certainties in life: death, taxes and breaches,” said Adam Levin, chairman of Identity Theft 911, a company that provides identity theft recovery and other services.
Target certainly isn’t the only retailer to have been hit – Michaels, Neiman Marcus and most recently Sally Beauty Supply company have reported exposure of customer data – but it’s definitely among the biggest ever. According to Minneapolis-based Target, about 40 million customers’ debit and credit card information was exposed, as well as 70 million customers’ phone numbers, mail and email addresses.
In the aftermath, thousands of Americans had their credit or debit cards canceled by banks and credit unions.
Target has been busily doing damage control, issuing major apologies, testifying before Congress and contributing $5 million to a nationwide cybersecurity campaign. The company’s profits have plunged as wary consumers stayed away and Target still faces dozens of lawsuits by banks and others, including a class-action suit filed this month by Portland-based Umpqua bank.
Perhaps most importantly, Target has been working to quell anxieties and rebuild the confidence of its shoppers. In its biggest mea culpa, the company has offered Target customers free credit monitoring for a year. But the deadline is fast approaching. Consumers have just one month left – until April 23 – to get signed up for the free offer.
“Target understands some guests are nervous about the impact the recent data breach may have on them. We are offering this product in order to ease all guest concerns and provide peace of mind,” said Target spokeswoman Sarah Van Nevel, in an email.
The free service is not limited to customers who shopped during the apparent data breach period, which Target initially identified as between Nov. 27 and December 15. Instead, the free credit monitoring is open to “anyone who shopped at Target.” Ever.
With about 1,800 U.S. stores and millions of customers, the potential number of sign-ups is enormous. Target said it does not have specific numbers on how many customers have signed up so far, but the offer “has been very well-received by Target’s guests,” said company spokeswoman Van Nevel.
If you share a credit card with a spouse or partner, both can sign up individually for free credit monitoring, which is provided by ProtectMyID, a subsidiary of Experian, one of the country’s three main credit reporting bureaus. You’ll get an alert any time there’s a change to your credit report, including newly opened accounts, new credit inquiries and new negative information, such as payment delinquencies. The offer also includes:
Target’s credit monitoring is good for 12 months; after that, consumers can choose whether to continue the service on a paid basis.
To apply, go to: www.target.com/databreach by April 23. You’ll be given an authorization code, which you type in at ProtectMyID.com. The sign-up must be completed before April 30. To ensure the credit monitoring goes to the correct account, you’ll be asked to provide your name and Social Security number. Target says it will not have access to any customers’ Social Security numbers.
But for those who sign up, it’s no guarantee that cybercrooks won’t steal your identity and wreak financial havoc in other ways, such as using stolen credit/debt card info to siphon money from your accounts.
“The service Target is giving away only monitors one of your three credit reports, which is like locking one of the three doors to your house,” said John Ulzheimer, a longtime identity theft and credit reporting expert who writes for Mint.com and CreditSesame.com.
Credit monitoring is effective only when someone is using your personal information to apply for new accounts, such as car loans or credit cards, said Ulzheimer. “And in that case, the consumer better hope the lender pulls their Experian credit report or the free credit monitoring service won’t set off any alarms.”
Target’s free credit monitoring applies only to a consumer’s Experian credit reports, not those of Equifax or TransUnion, noted Ulzheimer, who previously worked for Equifax.
Levin, the identity theft expert, said there are lots of other tools for consumers to protect themselves. Among them:Equifax TransUnion www.annualcreditreport.com Credit.com CreditKarma.com Quizzle.com CreditSesame.com
In general, “If someone calls, texts or sends you an email asking you to do anything (related to your financial life), hang up,” said Levin. “If someone communicates with you out of the blue, claiming to be a retailer, the IRS or some other (agency), that’s when you have to be in control.”
Call the phone number on back of your credit card or brokerage statement. Online, type in the URL yourself and go directly to the website of the institution that’s purportedly contacting you. Never click on unfamiliar links in emails. Never carry your Social Security card with you.
The type of credit monitoring service that Target is offering isn’t unusual, said Ulzheimer, noting that other companies with data breaches have also made it available.
Should you sign up?
Any time you’re given a chance – for free – to get a glimpse of activity in your credit files, you should “absolutely take advantage of that opportunity,” said Levin. “It’s a chicken soup moment: ‘What can it help?’ But the real question is, ‘What can it hurt?’ ”