How to Protect Yourself from Losses After a Data Breach

Target, one of the nation's biggest retailers, says credit and debit card information of as many as 110 million customers was compromised during the holiday season last year. Reportedly, the company's point-of-sale (POS) systems were infected with malware. Target confirmed that the breach included debit card PIN data.

Stolen numbers are already being sold on the black market for $20 to $100 each, according to KrebsOnSecurity.com. Still, most Target customers shouldn't fear their bank accounts will be drained, say security experts.

Federal law limits your liability for fraudulent credit card charges to $50. (Both Visa and MasterCard hold you completely harmless.) Debit card fraud liability is $50 if you notify the bank within two days. After that it rises to $500, then to unlimited amounts if you fail to report fraudulent charges within 60 days of receiving your bank statement.

So follow these tips to reduce your vulnerability from losses due to unauthorized credit or debit card transactions:

  • Review your payment accounts often. Look for unauthorized charges and quickly report them. Save your receipts so you can compare them with transactions appearing on your statement.
  • Use credit cards, not debit cards. Debit purchases are immediately deducted from your bank account, while credit purchases aren't paid for until you make the payment. If fraud occurs, credit cards don’t force you to wait to get your money back.
  • Check your credit report to see if new accounts have been opened in your name. This is unlikely due to the theft of your credit card number because thieves need more information than that to open new accounts. And before you decide to pay for a monthly credit monitoring service, remember that you can get a free copy of your report once a year at annualcreditreport.com.
  • The strongest preventive tactic against ID theft after a breach is a security freeze. This prevents your credit report from being shared with potential new creditors. If your files are frozen, a thief probably can't open any new accounts in your name. But it can make your life difficult, too, if you try to obtain additional credit.
  • Don't leave room for doubt: Never leave the final amount of a transaction open to interpretation. For example, always fill in the "tip" field on a bill; if the tip is already included, enter "-0-."
  • Safeguard your personal identification number. Don't reveal it to others, write it down where a third party could access it, or let bystanders see it when entering it at a store's point of sale or ATM.
  • Be cautious about those with whom you share any financial information. Don't provide data to anyone unless they are reputable and you reach out to them first, as opposed to their contacting you by telephone or email. Never send account data via email, and make sure any website you use to purchase goods begins with "https" and a domain name that matches the name of the site you intended.
  • Shred documents containing financial information, and keep your address, telephone number, and email address on file with banks and card issuers up to date.

Originally published in Inside Personal Finance March 2014

More Tax and Finance Advice