As two large Massachusetts retailers grapple with the fallout from customer data security breaches, Bay State lawmakers have proposed legislation that would nail businesses for poor security practices and better protect customers from fraud.
On Feb. 17, grocery retailer Stop & Shop said it had discovered tampering with checkout-lane units for electronic funds transfer, the PIN pads customers often use to make purchases, at two Rhode Island stores. The tampering may have led to the theft of credit card, debit card, and PIN information. The company subsequently discovered evidence of payment-device tampering at three other Rhode Island locations and one store in Massachusetts. Stop & Shop said it's working with local police and the Secret Service to determine the extent of the crimes, and that it has contacted its credit and debit processors "to identify and protect affected customer accounts."
The Dos and Don’ts on Disclosing Data
A spokesman for AT&T said that customers do not have to provide their Social Security numbers. One solution is to give a utility a deposit or, in the case of cellphones, buy the minutes in advance.
The number is entrenched as the identifier for American’s health records, so it is basically a requirement in order to see the doctor or dentist. But you might be able to persuade your employer to stop using it as an employee ID number. Employers need it because the Internal Revenue Service demands it, but there is no reason for it to appear on time sheets or employee badges.
You will probably never know that your number has been stolen until it is too late, but TrustedID’s free online search tool, StolenIDSearch.com, combs a limited database containing 2.3 million pieces of information, including stolen Social Security numbers and credit card numbers found on the Internet.
The number of people who had compromised data surprised the company: 0.81 percent. It expected a much lower rate, but said an explanation might be that the people who checked are those who already know their data are in the hands of crooks.
Now for the scary part: what do you do if it is compromised? First, obtain a copy of your credit report from each of the three largest credit bureaus: Experian, Equifax and TransUnion.