Update (4:50 ET). Global Payments, Inc. has acknowledged that it “self identified and self-reported unauthorized access into a portion of its processing system.”
Krebs on Security reported that MasterCard and Visa are alerating banks about a “massive” data breach that “may involve more than 10 million compromised card numbers.” The blog, written by former Washington Post security reporter Brian Krebs said that “full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards.”
Although there are things consumers can do to protect the confidentiality of their credit cards, sometimes data is taken through no fault of our own. Fortunately they are things we can do to protect ourselves.
Go online to check credit & debit card use
If you think there is a possibility that your card information might have been compromised, the most important thing you can do is to go online early and often to check for recent activity. Don’t just look at past statements (online or in print) but also all activity since your last statement.
Many people have debit cards with a Visa or MasterCard logo. These accounts are also vulnerable because you don’t need a PIN # to use these cards as if they were credit cards. With debit cards, the money comes out of your account right away and you need to contact the bank to get them to put it back.
With both credit and debit cards, your liability is limited to $50 (many banks wave that as well) but the bank is required to reimburse you in the event of fraud but only if you report it. For more, see this from the Federal Trade Commission.
Check credit reports
It’s a good idea to check your credit reports with all three major bureaus at least once a year. You can do that for free with Experian, TransUnion and Equifax at AnnualCreditReport.com. Be careful with other sites that offer “free credit reports.”
Also, if you suspect that your data might have been compromised, check with the credit card company or bank to see if they can offer you additional services such as free access to your credit report.
Watch out for phising
Scammers love to take advantage of highly visible breaches like these. It gives them an “excuse” to send out emails that appear to come from financial institutions asking people to log on to their account to confirm their “security” settings. If you get such an email — even if it appears very legitimate and even if it contains part of your account number (which is a bit more likely because of the breach), don’t click on it but call your bank or log on by typing in their web address or using their authorized mobile banking app.