One of the first notorious data breaches to hit the news hard was the Target data breach in 2013. There is a Target data breach case study done by security company ESET which describes how this single event transformed how cybersecurity experts evaluate retail security systems.
Hackers stole 40 million credit card numbers and personal details for 70 million customers. In light of recent data breaches, this may seem small, but at the time, it was quite an offense to customers’ trust. The attack hit during the 2013 holiday shopping season, which somehow made it worse.
Along with credit card numbers, the cybercriminals also got away with PINs, customer names, email addresses, phone numbers, expiration dates, and security codes. This incident, combined with the Home Depot hack, effectively pushed credit card companies to move to a chip-based system with PINs and away from the magnetic strip style cards. The change is one of many that came out of the target hack.
When Was the Target Data Breach?
The Target data breach occurred between Nov. 27 and Dec. 18, 2013. The perpetrators gained access to Target servers through stolen credentials of a 3rd party vendor in Nov 2013. They then installed malware to capture names, email addresses, credit card data, and other information.
How to Check if Your Data Was Breached During The Target Hack
Target sent out letters to everyone who was affected by the data breach. If you shopped at any Target stores between Nov. 27 and Dec. 18, 2013, you should also review your credit card and bank statements from that time period to look for suspicious charges. The time to file a claim has passed, but you might be able to take legal action if you were not notified, and you were affected by the target hack.
What to Do if Your Data Was Breached During The Target Hack
Unfortunately, it is too late to file a claim with Target. The deadline of July 31, 2015 has passed, but you can still take some action. If you never received a notice from Target, you may still have some legal options. If you haven’t already taken the steps below, do so now:
Cancel the credit card you used at Target during the data breach and request a new one.
Change all your online passwords for banking and credit card accounts (use strong passwords with combinations of letters, symbols, and numbers).
Work with credit card companies to remove any fraudulent charges.
Get a copy of your credit report and sign up for credit monitoring (IDStrong.com offers this service).
Keep an eye out for phishing and other scam emails.
Are There Any Target Lawsuits or Settlements?
There was a massive class-action lawsuit with a huge Target data breach settlement payout of up to $10,000 per customer. Target set up a website to inform people of the settlement and how to file a claim. The deadline to file (July 31, 2015) has passed, and no further claims are being accepted. In August of 2019, Target legal counsel began sending out payments to affected customers. Those that received payouts had to provide proof that the incident led to fraudulent charges, costs incurred restoring their credit, identity theft, or other serious consequences.
Can My Stolen Target Information be Used for Identity Theft?
The information stolen during the Target data breach is exactly what is needed for identity theft. The personal details combined with credit card information and logins are more than enough to provide a hacker with what they need to infiltrate your other accounts and possibly even your computer. You cannot be too careful when protecting yourself against identity theft.
What to Do to Protect Yourself When Buying from Retail Stores
Hacking incidents may scare off some consumers, but most of us will continue to shop and use credit cards. However, there are steps you can take to keep yourself safe.
Use only one credit card for retail purchases and monitor your statements carefully each month.
Review bank statements and your credit report regularly to scan for fraudulent activity.
Invest in credit monitoring and consider a credit freeze where new accounts cannot be opened without your permission.
Keep all your devices updated with antivirus software and run scans often.
Use common sense and watch for suspicious scam emails that push you to click a link or download an attachment.