Do not use your plastic at a Target Store!!

If you do, your personal info on it will be compromised!

Target has recently had a security breach where hackers have gotten into their computer system and stole credit and debit card numbers, leaving millions of Christmas shoppers' personal info on their cards into the wrong hands.

The target dates are from November 29th to December 15.

also, the black strip on the back of your card can be used to gain your full name and your PIN number, which can open the door for them to hack into your credit or checking account and wipe it out of its balance!!

If you've shopped there during the period in question, please call your bank or financial institution IMMEDIATELY, and cancel your card and ask for a new one!!

If there is something there that you truly have to have, then pay for it with cash, since it can't be traced at all!

I'm so glad that I was not affected by THIS one!! I called my bank to make sure, and they said that my debit card number is not on the list of hacked card numbers!

I was a victim of the one that occured several years ago when TJX had their computers hacked into!!

I almost never use my credit card. I write checks. Yes, I know that it takes longer than swiping a card but it is safer.

Leni said:

I almost never use my credit card. I write checks. Yes, I know that it takes longer than swiping a card but it is safer.

Click to expand...

I would hate to have to spoil the party for you, but not really.

You see, your routing & account#'s are on the front of your personal checks, and hackers can still get access to your checking account. All they would need at this point IS your routing or account#.

Never leave anything to chance!! Pay for your stuff with cash and avoid all that crap! It's a hassle that you don't want or need!

debit cards are the "bad" problems actor.

somebody frauds a charge with your debit card info the money is instantly gone from your account. did you see Chase(?) opened today (on a Sunday) to handle the Target issue...

add to that, the "laws" surrounding debit cards are next to non-existent. all that "security" the bank yammers on about...? it is at their discretion. it takes days to weeks to "straighten out" fraudulent debit card stuff.

and, just for jollies and iffin your didn't know... if a crook gets their hands on your physical card (i.e. you dropped/lost it) the PIN can be decoded from the info in the magnetic strip. this is not a secret in the underworld. otoh, they cannot deduce your PIN from the data collected at Target, for example, unless Target stored your PIN as part of the transaction which they are not supposed to be doing.

I presume you've seen the news blurb that some stolen card data "is already being used." gosh, from Thanksgiving until now.... who woulda' guessed..... but it's not being used in your home town - that would be ultra-rare. so your bank doesn't have a lot of issues reaching the conclusion it really wasn't you in Belgrade withdrawing cash from an ATM, especially as x hours y mins prior you bought gas at the corner with the same card.

other fraud is either "merchant allowed" or an inside job. buying stuff 'over the Internet' means shipping it somewhere - merchants have the ability to match to your home address.... any merchant who ships to any destination other than the registered home/billing address of the card is 100% at risk.

"Merchant allowed?" in order to be all things to all customers card-not-present merchants are known to overlook or 'be talked into' things - and as you may have read, most merchants account for a certain amount of fraud and loss into their business plan.

it is possible for the merchant management to prohibit transactions where the address entered does not match the billing address. if this is over-ridden, that's an inside job. there are fraudsters who set up entire "credit card billing accounts" in cooperation with a "friendly bank" exclusively for fraudulent purposes. as soon as the bank gets word that the account is under suspicion, the theft withdraws all the cash and evaporates. there is a profit split, questions?

credit cards are a different animal. lots of Federal/state law protecting the consumer. you have 60 days from the billing date to contest the charges. worst case is where fraud puts you up to / over you limit and the card is 'declined' until you can get it reported. you don't have to pay the disputed amount, any and all fees / interest resulting from the fraud are removed. it's usually a one call deal; been there a couple times.

My debit card was once fraudulently charged $150 for a purchase from Scymatic (Norton Internet Security).

Had to call the bank right away and have the account frozen to keep the same potential hackers from using my card# again.

They issued me a new card with a different card#.

That's the way it's done by the Credit card companys, Sherman. Not too long ago, my wife had her credit card compromised when the computer at a restaurant where she went for lunch one day was hacked into and lots of information was lifted. Three other customers had the same thing happen to them. My wife never had to call the credit card company, however - THEY called HER to inquire how come she'd tried to use the card for three different big money things and it was declined all three times because there wasn't enough credit left on it at the time to cover any one of those charges. Sometimes it's good to be middle-income people, isn't it? Anyway, the credit card company put a freeze on my wife's account and immediately issued her a new card and number which came in the mail within two weeks of the incident. We just don't use credit cards at that particular restaurant ever again!

Ian

Yeah, any place that has suffered a breach of security after you've used you card there, their computer security system is no longer trustworthy.

I just go to and ATM, get cash and pay for it that way. My debit card and my checking have been hacked into, and I don't want that to happen ever again, as longs as I can help it!!

>>as long as I can help it....

you can get a card that works only at the ATM, it is not a debit card.

no debit card, no problem, ever.

Unless the ATM that you used has been hacked.

Hackers are like terrorists in a way. They don't go to sleep, and when they do, there are others on duty doing evil malicious work with the other group of hackers are asleep!

Chowder - Thank you for telling it like it is.

I do wonder though, if you tell the store to use your debit card as a credit card if the laws that protect credit cards suddenly become effective.

Andy

Leni - I do over thirty craft shows a year and my order of preference to get paid is Cash -> Check -> Credit card. Checks do not incurr a transaction fee.

It isn't much better from the vendor side of the table. I use the Square. I swiped the card for a $60.00 sale. Square somehow transformed it to a $600.00 sale, charged the customer $600.00. I did not find out till that night. I contacted Square and was told that I could not get any information to contact the customer due to privacy concerns. They advised me to just wait and see if the customer noticed it. My only option online was to do a total refund of the entire charge (the $600.00), which I immediately did. Lucky for me my customer noticed the problem contacted me, was pleased that I had done the right thing and sent me a check for the $60.00. My wife was not so lucky. She processed a charge on her square and it got bumped up $100.00. She also issued a refund and has not heard from the customer, therefore, she is out the cost of her goods. Interestingly enough, both of these transactions were made within five minutes of each other. When I search the WEB, I find that we are not alone.

Adillo303 said:

Chowder - Thank you for telling it like it is.

I do wonder though, if you tell the store to use your debit card as a credit card if the laws that protect credit cards suddenly become effective.

Andy

Leni - I do over thirty craft shows a year and my order of preference to get paid is Cash -> Check -> Credit card. Checks do not incurr a transaction fee.

It isn't much better from the vendor side of the table. I use the Square. I swiped the card for a $60.00 sale. Square somehow transformed it to a $600.00 sale, charged the customer $600.00. I did not find out till that night. I contacted Square and was told that I could not get any information to contact the customer due to privacy concerns. They advised me to just wait and see if the customer noticed it. My only option online was to do a total refund of the entire charge (the $600.00), which I immediately did. Lucky for me my customer noticed the problem contacted me, was pleased that I had done the right thing and sent me a check for the $60.00. My wife was not so lucky. She processed a charge on her square and it got bumped up $100.00. She also issued a refund and has not heard from the customer, therefore, she is out the cost of her goods. Interestingly enough, both of these transactions were made within five minutes of each other. When I search the WEB, I find that we are not alone.

Click to expand...

Some stores will automatically do that if there is no apparatus for self-swiping the debit card.

I like to use the debit feature because the money is deducted from my checking account immediately.

Let's all not forget though, that both credit & debit card #'s were illegally obtained by those hackers responsible for this breach of security, so I think that the credit card protection feature is out the window when it comes to computer hackers.

You'll STILL have to call your bank or financial institution to report it. That will do 2 things;

1. It instantly stops any further fraudulent use of your card because it'll be
canceled right away.

2. Your account is also automatically frozen as added protection from hackers.

You can STILL use your personal checks to make purchases, but most stores won't take them, which at times makes purchasing much-needed things like groceries or medicine an inconvenience and a hassle.

Not to start a fracas Sherm. Plese see Chowder's post here.

Short explication - You can loose more money, take longer to recover and are not as fully protected with a debit card. You are correct the money goes out immediately with debit. Getting it back if there is a problem, not so much.

I was just wondering if you say credit instead of debit if you get the extra protection the law affords credit cards.

Yeah, I read his post.

I think that it would almost be the same as if I were to steal either your debit or credit card.

I would be able to use your card# on the front and the 3-digit security code on the back, but I wouldn't be able to get cash from an ATM, because I wouldn't know your
PIN#.

But it probably would only be one time that I could get away with it. I don't know the law much regarding stolen credit card#'s because it has been eons since I had one. And things DO change most of the time.

If this makes any sense at all.

>>if you tell the store to use your debit card as a credit card if the laws that protect credit cards suddenly become effective.

no.

Sherman -

I'm guessing you read but didn't read the post.

if a crook gets your physical card, the issue of PIN is meaningless.
if a crook gets a copy of the magnetic stripe on your card, the PIN is meaningless.
the necessary data to decode your PIN is on the magnetic stripe and it is not "secret" anymore

the "hack" at Target did not "give away" the magnetic stripe data.
which is utterly no excuse, but anyway....

>>not trustworthy
you can give it up right now Sherman. no system is "safe" - inside or outside jobs will eventually compromise any system. ask the NSA about a dude named Snowden.

so
if you drop the card on the street
and if the person who finds it is a crook
and if the crook who finds it knows, or has a 'friend' who has the hardware and knows how to decode the PIN,
yeah, that'll work.

you can walk up to an ATM anywhere from USA to China to Outer or Inner Mongolia and withdraw money.
no, the ATM does not send a real time query back to your bank to see if the PIN number is right.
nor do all of the thousands and thousands of ATM systems world wide have a record of every world wide card number and PIN.
so how does the ATM in Bangladesh know the PIN is right? uhhh, it's on the magnetic stripe.

the crook gets your magnetic stripe data either by "finding" the card or
badda-bing-badda-boom places like restaurants where the card leaves your possession and goes "out of sight"

guess what.... "they" make "skimmers" that just plain ole copy the stripe data. you can buy one on the internet.
it's not unlike the skimmer devices on gas pumps and the odd ATM - that approach takes a lot more talent.
a skimmer in the pocket of a restaurant server is not quite as noticed by customer as one on the counter top.

data stripes skimmed by servers is the prime rib of the credit theft industry; _all_ the info is there; you didn't "lose" your

card; not likely to be reported until you get your bill.

now,,, you need a lot of decimal places to measure the extent of the kind of "non-organized" ATM "if-if-if-if" fraud. installed

skimmers in 'other' places are more common. it's a risk-reward thing. some places are more secure than others.
discounting - entirely - the cooperating "inside" jobs. a gas station owner that allows crooks to install skimmers for a split of the profits....well, not much stopping that.

much more common is the "card not present" fraud.

drive out of state and tank up at a gas station with card-at-the-pump,,,, odds are the 'system' will query you for the billing zip

code. now iffin you're a crook intent on using a stolen credit card, you've already deciphered the zip from the magnetic stripe.
the average bozo crook who found a credit card on the sidewalk outside the station likely hasn't done that.....

anything you buy on-line is "card not present" - name, number, expiration date, perhaps the security code - bam, item ships to any
address the fraudster specifies. "gifts" are a special thing....

two years back, a bit pre-Christmas I got a call from a merchant in the Great Lakes area. he was wondering if I had accidentally
entered a duplicate order for Ugg boots. somebody had my credit card data, ordered boots as a gift shipped to xyz. it worked,
next day they tried to order some more boots, since it worked the first time. well, I had ordered zero boots, the merchant was
out couple hundred bucks, I called-cancelled-got a new credit card. sorry for him - billing address not verified, last name credit card number expiration date matched, he shipped and lost.

we have lost so much money to crooks who want stuff shipped to a different than billing address - we don't do on credit. send
money via wire transfer, we'll talk. and anyone who volunteers to wire transfer money we can pretty well figure is actually _not_
a crook.

if you lose your physcial card - credit or debit - that needs to be reported as soon as possible.

if you want to protect your credit cards - use a knife to scrape off the signature area on the back. the clerk should demand
photo ID. if you're as ugly as I am, few mistakes may occur.

there is no protection from a crook who has your physical debit/credit card or a copy of its magnetic stripe - that money is gone
until the bank decides it wasn't you in Lower Slobiva that bought $20,000 worth of vodka.

I also remember hearing about those so-called black replacement slots on some of the ATM's.

Hackers have put those on their to fool unsuspecting people into thinking that their cards and transactions were safe, but all the while, their personal info was compromised and the hackers would get away with "murder".

It's a downright lowdown dirty shame the way that these criminals are making such a dishonest living!!

Banks such as Chase & Citibank are seriously contemplating suing Target over security breach.

This could get more messy before it gets better!!



http://www.cnbc.com/id/101293579?__source=xfinity|mod&par=xfinity

The U.S. Department of Justice is also investigating the giant snafu that has occurred with Target.

They want to know just how something like this was allowed to happen and why was Target so reckless & careless in putting millions of shoppers at risk and as victims of this big security breach of dishonesty & betrayal! This just might put Target on the list of stores that might not be around in a year or two!!

I hope that all of the victims can at least still be able to enjoy the sharing of opening gifts and a nice holiday meal with the kids, friends and families!!

Actually, Target is probably one of the safest places to shop now. After that snafu they will be extra careful with the card data (like they should have before ...but that's water under the bridge). Target is the nations 3rd largest retailer and we do not have one close by. I know of targets 75 miles or so away in multiple directions but do not have the urge to travel just to shop there.

Y'all might find this a bit scary.
http://hackaday.com/2012/04/18/reading-credit-cards-with-a-tape-head/

well, time to sidle over to Sherman's side.

Target now admits "encoded" PINs were stolen. forget about the "oh but it's encoded" crap - any crook than could pull this off already knows how to decode the PIN.

if you used a credit / debit card at Target Thanksgiving to present, time to call you bank and/or credit card companies and report your card stolen.

there's a bunch of "data" on the magnetic strip of a credit / debit card.
the "merchant" only needs some of it, and is prohibited, by the absolute lowest industry standard, from storing "the good stuff"

see
https://www.pcisecuritystandards.org/documents/navigating_dss_v20.pdf
page seven and onward....

Full Magnetic Stripe Data - Cannot store per Requirement 3.2
CAV2/CVC2/CVV2/CID - Cannot store per Requirement 3.2
PIN/PIN Block - Cannot store per Requirement 3.2

so, the crooks stole 40 million cardholders' data from a three+ week span.
how did this happen?
(a) they installed cretin-ware that "phoned home" - in real time - with juicy data at some interval
(b) they "broke in once" and stole days-of-data-files

nobody's talking; details are not public.

but,
(a) if the crooks installed "phone home" nastyware that went undetected for weeks, uhmmm, you don't wanna' shop there.
(b) Target is capturing and storing explicitly prohibited data - in flagrant violation of the most basic industry standards = you don't wanna' shop there.

if you must, go with Sherm's theory: "Cash Only"

if you need more substance to why you should not have/use a debit card, see:
http://www.today.com/money/5-lessons-learned-target-security-breach-2D11803343

ChowderMan said:

well, time to sidle over to Sherman's side.

Target now admits "encoded" PINs were stolen. forget about the "oh but it's encoded" crap - any crook than could pull this off already knows how to decode the PIN.

if you used a credit / debit card at Target Thanksgiving to present, time to call you bank and/or credit card companies and report your card stolen.

there's a bunch of "data" on the magnetic strip of a credit / debit card.
the "merchant" only needs some of it, and is prohibited, by the absolute lowest industry standard, from storing "the good stuff"

see
https://www.pcisecuritystandards.org/documents/navigating_dss_v20.pdf
page seven and onward....

Full Magnetic Stripe Data - Cannot store per Requirement 3.2
CAV2/CVC2/CVV2/CID - Cannot store per Requirement 3.2
PIN/PIN Block - Cannot store per Requirement 3.2

so, the crooks stole 40 million cardholders' data from a three+ week span.
how did this happen?
(a) they installed cretin-ware that "phoned home" - in real time - with juicy data at some interval
(b) they "broke in once" and stole days-of-data-files

nobody's talking; details are not public.

but,
(a) if the crooks installed "phone home" nastyware that went undetected for weeks, uhmmm, you don't wanna' shop there.
(b) Target is capturing and storing explicitly prohibited data - in flagrant violation of the most basic industry standards = you don't wanna' shop there.

if you must, go with Sherm's theory: "Cash Only"

if you need more substance to why you should not have/use a debit card, see:
http://www.today.com/money/5-lessons-learned-target-security-breach-2D11803343

Click to expand...

I honestly can't remember the last thing that I bought in there, or when I bought it, but I'm sure by now that my bank has routinely changed my card number at least a few times since.

And I'm not going to use my card in there at all!!

More trouble is forecast for Target!

Swatch plans to sue the store chain for fraudulently copying their watch designs!!


http://www.cnbc.com/id/101482043?__source=xfinity|mod&par=xfinity