Speakeasy forum

General discussion

Prepare For Your Credit Cards To Be Replaced

by James Denison / December 19, 2013 5:29 PM PST
New numbers for everyone, old numbers will be gone. Have fun changing every place you pay bills online with your new credit card number. Water bill, Electric bill, TV cable and internet bill, car insurance, department stores, ad infinitum. Can't use same passwords, and should already have a different one for every site, or the hackers can visit all the mainline stores using your card and the same password for more damage. This should affect about 1/3 of all US families, since there are about 3.5 persons per family on average.

"Target Corp said hackers have
stolen data from up to 40 million credit and debit cards of shoppers who
visited its stores during the first three weeks of the holiday season
in the second-largest such breach reported by a U.S. retailer. The
hackers worked at unprecedented speed, carrying out their operation
from the day before Thanksgiving to this past Sunday, 19 days that are
the heart of the crucial Christmas holiday sales season."
Discussion is locked
You are posting a reply to: Prepare For Your Credit Cards To Be Replaced
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Prepare For Your Credit Cards To Be Replaced
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Saw that and am keeping watch
by Steven Haninger / December 19, 2013 5:49 PM PST

I made a total of one purchase at Target during that period...some of their trail mix that was on sale. Generally, I pay cash there but was low that one day. I don't have their card as I don't shop there much but I may call my bank and see if what they advise.

Collapse -
I immediately changed my account info with them
by James Denison / December 19, 2013 7:43 PM PST

New email address, new password. I expect my CC will end up being replaced anyway by the issuer, that's what happened during the last major hack of credit cards.

Collapse -
Target gift cards not working
by James Denison / December 31, 2013 6:29 AM PST
Collapse -
(NT) What did they think would happen, with a name like "Target"?
by JP Bill / December 31, 2013 11:15 AM PST
Collapse -
Credit card woes....
by btljooz / December 20, 2013 3:12 AM PST

Back in the early and mid 1960s my Mother contended that we would become a cashless society in the future. I don't think she knew just how correct she was and/or just how fast that would happen. Well, it's now almost complete and look at what we have for it.

Yes, there is "convenience", but at what cost? There are MANY costs that are paid for "convenience" and this Target thing is a perfect example of just one of those costs. I wonder just WHY it took them THREE WEEKS to notice that something was 'amiss'??? I wonder how many of the card holders whose information was stolen realize the implications to their privacy in addition to the in-convenience of having to get new credit card numbers. Or do they even care? If they didn't before, do they now? If so, what are they willing to do/how far are they willing to go to keep this from happening to them again?

It used to be that credit cards were the bees knees. Then came the scammers picking through the trash to steal the carbon papers generated from them so they could bilk people out of their hard earned money. So, smart people got to the point where they were keeping and destroying the carbon papers themselves. Then came the internet. At first, everything seemed hunky-dory. No one suspected what was to come. Then came the hackers. In the early days of the internet a "hacker" only meant someone who broke into computer systems for nefarious reasons only. Now, there are many different "degrees" [so to speak] of hackers.

The beginning of those nefarious hackers was the beginning of the end for honest folks. The same folks who don't even realize that. It's now gotten to the point with all the hacking that is going on that its just not worth the hassle to use computerized monetary transactions of any kind at any time unless one absolutely has to (E.G.: when your bank does it for you, themselves). And THAT does not even come close to "safe", either!!!

How "convenient" is this re-issuing of new credit card numbers caused by this Target breach??? How "convenient" is it for the card holder, how "convenient" is it for the card issuers and how "convenient" is it for the IT personnel at Target and all the financial institutions affected by this??? And what of the massive cost in dollars that this breach has caused and will likely continue to cause for time to come??? In addition to the cost of what the hackers actually do with the information that they stole, what of the cost incurred by be the credit card companies who are being forced to issue new cards with their new numbers? And this is just ONE instance. It boggles the mind to think of those numbers! And just WHO is going to PAY for that cost??? Who do YOU think?

Therefore, if one doesn't want woes of this type ...and it WILL happen EVERYONE, eventually... one needs to do everything they can to go back to the old ways by using cash only. This is what I've done. I just say, "NO!", to credit cards and even ATM cards. I use cash. period. I do NOT buy things from the internet. When my Monster account was compromised back when Monster dot com was breached and everyone's personal info was stolen, I stopped putting that sort of info out on the internet in any way shape or form. These are just a few of the many ways to, at least, slow down the inevitable electronic invasions into our lives. It's beyond me why people don't realize that they are actually helping perpetuate their own woes by trusting electronic transactions of all kinds, not just monetary ones. But we are talking about about the Target breach in this particular thread. I could get on my soap box and go on, but won't for that and many other reasons.

Collapse -
very good presentation of the situation
by James Denison / December 20, 2013 5:04 AM PST
In reply to: Credit card woes....

The ones who can't do much about always using cash are those who are home-bound, or working hours that leave them little time to visit stores with cash. Online shopping is best for them. I personally don't use cash, especially in this high crime area between Baltimore and DC. My daughter heard news on it yesterday and seems this is a database that isn't specifically for online shopping. It may be the one for in store use of cards, so online accounts may be OK. When I visited mine I didn't see any notice by Target about the card breach, so either they've not updated it yet, or this doesn't affect online customers. Unfortunately we do both kinds of shopping with them. Walmart got too big for us with their superstore, so we switched to the smaller Target. Same stuff for the most part and not walking across Hell's 5 or more acres with not enough room between rows to find the same stuff. If I have to walk around that much acreage, even if indoors, I feel I should be tilling and planting something, LOL.

Collapse -
PS - welcome to the dark side of CNET
by James Denison / December 20, 2013 5:06 AM PST
In reply to: Credit card woes....
"Here there be Dragons...." WinkDevil
Collapse -
Thank you, James
by btljooz / December 20, 2013 8:58 AM PST

But I do already know that the Target breach was in-store sales. I've been hearing about it on the TV news ever since the news of the breach came out. Target must keep their in-store sales transactions separate from their on-line sales? Confused

Collapse -
from Target about the hacked data
by James Denison / December 20, 2013 5:29 AM PST
https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca?intc=importantguestinfo

December 19, 2013

Dear Guest,

We wanted to make you aware of unauthorized access to Target payment card data. The unauthorized access may impact guests who made credit or debit card purchases in our U.S. stores from Nov. 27 to Dec. 15, 2013. Your trust is a top priority for Target, and we deeply regret the inconvenience this may cause. The privacy and protection of our guests' information is a matter we take very seriously and we have worked swiftly to resolve the incident.

We began investigating the incident as soon as we learned of it. We have determined that the information involved in this incident included customer name, credit or debit card number, and the card's expiration date and CVV.

We are partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures we can take that would be designed to help prevent incidents of this kind in the future. Additionally, Target alerted authorities and financial institutions immediately after we discovered and confirmed the unauthorized access, and we are putting our full resources behind these efforts.

We recommend that you closely review the information provided in this letter for some steps that you may take to protect yourself against potential misuse of your credit and debit information. You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports. If you discover any suspicious or unusual activity on your accounts or suspect fraud, be sure to report it immediately to your financial institutions. In addition, you may contact the Federal Trade Commission ("FTC") or law enforcement to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. To learn more, you can go to the FTC's Web site, at www.consumer.gov/idtheft, or call the FTC, at (877) IDTHEFT (438-4338) or write to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.

You may also periodically obtain credit reports from each nationwide credit reporting agency. If you discover information on your credit report arising from a fraudulent transaction, you should request that the credit reporting agency delete that information from your credit report file. In addition, under federal law, you are entitled to one free copy of your credit report every 12 months from each of the three nationwide credit reporting agencies. You may obtain a free copy of your credit report by going to www.AnnualCreditReport.com or by calling (877) 322-8228. You may contact the nationwide credit reporting agencies at:

(more on page about reporting agencies, etc.)
Collapse -
(NT) Fair Use?...You started it.....
by JP Bill / December 20, 2013 5:39 AM PST
Collapse -
can you tell the difference
by James Denison / December 20, 2013 5:56 AM PST

between a public service announcement which is expected to be spread far and wide as quickly as possible, and plagiarizing an entire article instead far beyond fair use rules?

Collapse -
RE: entire article?
by JP Bill / December 20, 2013 6:22 AM PST

OR just enough to rebut your post?

I think it's worse to pick ONE paragraph/line, from an article, post it, and leave out other parts of an article that contradict what the ONE paragraph/line says.

public service announcement?

© 2013 Target Brands, Inc. Target, the Bullseye Design and Bullseye Dog are trademarks of Target Brands, Inc.

I know you will straighten me out on Copyright law.

Would you call this a PSA link?

http://www.consumer.gov/idtheft (from YOUR link by the way)

Down for maintenance now (1800 hrs my time)...It's Obama's fault Devil

Collapse -
PSA links.........
by btljooz / December 20, 2013 9:14 AM PST
In reply to: RE: entire article?
Collapse -
more news
by James Denison / December 20, 2013 7:06 AM PST
10% discount to customers as apology.


Target stolen information offered online overseas


Customer flooding black market


"A day after Target
announced more than 40 million of its shoppers' credit and debit cards
may have been compromised during the crucial holiday season, the
retailer's CEO offered some positive news for customers. All
in-store customers will receive a 10 percent discount on purchases made
Saturday and Sunday, said Gregg Steinhafel, the company's chairman,
president and chief executive officer.

Meanwhile the blogger who first
broke news of the breach, Brian Krebs, reported that data stolen from
Target had begun flooding underground markets that sell stolen credit
cards. KrebsOnSecurity.com
reported on Friday that cards stolen from Target were being offered at
"card shops" for rates starting at $20 each and going to more than $100. A Secret Service spokesman declined comment on the investigation, which the agency is running. The retailer reported the breach on Thursday, a day after Krebs broke news of the attack.

Security experts, including security blogger Brian Krebs,
say that criminals sell stolen credit cards in bulk, with individual
cards going for as little as a quarter or as high as $100 depending on
the credit limit. With that kind of access, they can then burn the
information onto counterfeit cards or use them to purchase gift cards
that siphon off the victim's account.

"
Collapse -
The CEO now has a page up
by James Denison / December 20, 2013 3:52 PM PST
https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca?intc=importantguestinfo

Dear Target Guest,

As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores. We take this crime seriously. It was a crime against Target, our team members and most importantly you - our valued guest.

We understand that a situation like this creates stress and anxiety about the safety of your payment card data at Target. Our brand has been built on a 50-year foundation of trust with our guests, and we want to assure you that the cause of this issue has been addressed and you can shop with confidence at Target.

We want you to know a few important things:

The unauthorized access took place in U.S. Target stores between Nov. 27 and Dec. 15, 2013. Canadian stores and target.com were not affected.
Even if you shopped at Target during this time frame, it doesn't mean you are a victim of fraud. In fact, in other similar situations, there are typically low levels of actual fraud.
There is no indication that PIN numbers have been compromised on affected bank issued PIN debit cards or Target debit cards. Someone cannot visit an ATM with a fraudulent debit card and withdraw cash.
You will not be responsible for fraudulent charges—either your bank or Target have that responsibility;
We're working as fast as we can to get you the information you need. Our guests are always the first priority.
For extra assurance, we will offer free credit monitoring services for everyone impacted. We'll be in touch with you soon on how and where to access the service.

Please read the full notice below. And over the coming days and weeks we will be relying on target.com, abullseyeview.com, corporate.target.com and our various social channels to answer questions and keep you up to date.

Thank you for your patience, understanding and loyalty to Target!

Gregg Steinhafel

Gregg Steinhafel Chairman, President and CEO, Target
Collapse -
Local action from bank(s)
by Willy / December 20, 2013 11:07 PM PST

Already bank members are having their CC denied or "inactive" to reduce Target troubles. Of course, they didn't tell their members they were going to do that. They say they were but many that called, only to be informed then it was inactive, not prior. All debit and CC users were then told they would be getting new cards but not before the Xmas season was over. Target stores has already offered to have a 10% off sale to its customers that return this weekend to help during this period as a goodwill gesture. However, that doesn't help anyone that needs their card for other payments.

I still like to know how the database could be so compromised w/o some warning. You would think during this time more protection or active defense would be increased. I guess not and in that regard, maybe Target should be "fined" to better learn from that lesson, IMHO. -----Willy Happy

Collapse -
one bank, Chase?, lower limits on cards that were
by Roger NC / December 21, 2013 7:48 AM PST

used at Target during the time period.

If I heard correctly, $100 cash limit, $300 purchase limit.

Think it was Chase, but not sure.

Collapse -
charges can be reversed, or removed
by Roger NC / December 22, 2013 9:31 AM PST

debit withdrawals not as much so.

Collapse -
some chips can be remotely scanned
by Roger NC / December 22, 2013 9:32 AM PST

by rfid type stuff.

Collapse -
yes and
by JP Bill / December 22, 2013 11:19 AM PST
Chip ahoy! Are RFID credit cards secure?"

The article doesn't mention If the PIN number is also read when the card is remotely scanned, I can't imagine the PIN number would be readable FROM the card. That should be stored somewhere else

From another link

In answering the question "Does RFID make it easier to steal?" the article states, "Jay Foley, executive director of the Identity Theft Resource Center in San Diego, is quick to admit that thieves could get your card info remotely through a scanner, but adds that they probably wouldn't be able to use it. Unlike magnetic stripe cards, RFID credit cards encrypt a cardholder's information. To access a consumer's account, thieves not only have to scan the card, they also have to break the card issuer's encryption."
Collapse -
morning news guest claimed in Europe where these are used
by Roger NC / December 23, 2013 8:36 AM PST
In reply to: yes and

rarely do big thieves bother with credit cards, they're not worth it, too much trouble to decode and use them.

There was a discussion here not so very long ago about people using altoid cans for credit cards or foil lining their wallets to stop remote reading, think that was for chip cards.

Seen wallets advertised with metal foil within them.

The news story a few months ago showed how easy it was to walk by someone and scan the card. Of course, it doesn't work ever time but that's not much consolation is it?

Collapse -
PIN numbers also compromised. Cash Withdrawals Possible
by James Denison / December 24, 2013 6:26 AM PST
http://finance.yahoo.com/news/exclusive-target-hackers-stole-encrypted-203852085.html

" The hackers who attacked Target Corp (TGT) and compromised up to 40 million credit cards and debit cards also managed to steal encrypted personal identification numbers (PINs), according to a senior payments executive familiar with the situation.

One major U.S. bank fears that the thieves would be able to crack the encryption code and make fraudulent withdrawals from consumer bank accounts, said the executive, who spoke on the condition of anonymity because the data breach is still under investigation...., JPMorgan Chase & Co (JPM) and Santander Bank (SAN.MC) said they have lowered limits on how much cash customers can take out of teller machines and spend at stores....Security experts said it is highly unusual for banks to reduce caps on withdrawals, and the move likely reflects worries that PINs have fallen into criminal hands,... the concern is the coding cannot stop the kind of sophisticated cyber criminal who was able to infiltrate Target for three weeks....On Monday, Santander - a unit of Spain's Banco Santander (SAN.MC) - followed suit, lowering the daily limits on cash withdrawals and purchases"


Target denies PIN data was compromised. Who do you believe???
Collapse -
Believe the banks
by btljooz / December 25, 2013 2:25 AM PST
NOT Target!!!

Target didn't even catch this breach for almost a MONTH. So, what makes you think they really know anything else at this point. Even if they caught it earlier, they certainly didn't notify anyone about it for almost a month. And when they did notify anyone it took FOUR DAYS to get the warning out to the public. It sounds like Molly Snyder either doesn't understand or know the extent of what happened or she's [rather feebly] attempting to cover something up.

Believe the banks. Remember that the only difference between the optimist and the pessimist is that the pessimist KNOWS THE FACTS. What do they have to gain by making this announcement? What I find 'interesting' is that none of the other credit card/debit card giving institutions have stepped forward to announce what they are doing about protecting their customers. Are they even doing anything at all? Confused

That said, if the banks know what credit and debit card numbers are affected by this breach how would the thieves be able to use those numbers with or without the PINs? It only makes sense not to use the same PINs again! Of course, I guess, that makes too much sense for some people to comprehend.

As far as the encryption being cracked is concerned, is it really that weak??? Confused

I say to everyone again, "If you don't want troubles like this, do NOT use plastic for money!" Plain

After all, how did the world practice commerce for the eons BEFORE plastic??? Confused Checks are just as convenient as a debit card which is only a plastic check. And if you think you have to use credit because someone can't afford to pay cash/check then they don't need to spend that money anyway. Morons overextending themselves with all kinds of credit that they can't pay for is a large portion of why we have the fiscal problems that we have in this country.

<steps down from soap box>

MERRY CHRISTMAS EVERYONE!!!! Grin
Collapse -
OOPS!!! Correction...
by btljooz / December 25, 2013 3:07 AM PST
In reply to: Believe the banks
Last paragraph:

Sentence that reads:
<i>"And if you think you have to use credit because someone can't afford to
pay cash/check then they don't need to spend that money anyway."</i>

Should read: "And if someone thinks they have to use credit cards because they can't afford to pay cash/check then they don't need to spend that money anyway."

Please accept my apologies? ConfusedBlush

But, MERRY CHRISTMAS, anyway!!! LOL! Laugh
Collapse -
(NT) tried catalog or internet shopping now with check or cash?
by Roger NC / December 25, 2013 1:40 PM PST
In reply to: Believe the banks
Collapse -
@Roger
by btljooz / December 25, 2013 2:08 PM PST

Catalog shopping - YES

Internet shopping - YES

Both with checks.

That said, I don't normally shop by catalog or internet. I used to do business with a vet supply that was by catalog by check and I've ordered auto/light truck parts from the web site of a very large parts house and used checks through the mail with them, too.

So, YES what you infer is, in deed, possible. You just have to have the castinettes to call them up and set it up that way.

Collapse -
Just discovered possible evidence that Target knew of this
by Steven Haninger / December 25, 2013 10:04 PM PST

several days before the news broke. I'd made a small credit card purchase in early December. On the 18th, which is 3 days after the period of vulnerability, I made another small purchase. I'd made purchases from other merchants using the same card during the that same period and noted that no one had asked me for ID and many times I didn't need to sign. But, on that day at Target, I got a surprise. It was the only time during the holiday shopping season that a merchant asked to see my card. She said she needed to see that it had been signed so I showed her my signature on the card along with my picture ID. The amount of purchase was under $20. I did thank her for asking but now I'm wondering if having cashiers do this all of a sudden didn't indicate that Target had already discovered the threat and were planning to deal with how to release the information.

Collapse -
tape
by James Denison / December 26, 2013 12:29 AM PST

I always put a piece of clear tape over the signature on mine because it tends to smear or become barely legible otherwise over time.

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!