EagleTribune.com, North Andover, MA

December 20, 2013

RED ALERT

By Sara Brown
sbrown@eagletribune.com

---- — Methuen resident Kristen Novak said she was “horrified” when she found out about the possible data breach of 40 million credit and debit card accounts who shopped at popular retail chain Target.

“It’s a scary thing to think about,” she said outside the Target in Methuen yesterday.

The chain, known for its bright red logo, shopping carts and store decor, said that accounts of customers who made purchases by swiping their cards at terminals in its U.S. stores between Nov. 27 and Dec. 15 may have been exposed. The stolen data includes customer names, credit and debit card numbers, card expiration dates and the three-digit security codes located on the backs of cards. The data breach did not affect online purchases.

Novak said when her husband found out about the incident he called her immediately knowing that she had shopped at Target during that time.

“I went there to shop but the lines were too long that day so I left and did shopping at another store,” she said. “I was kind of annoyed at the time about it but now I am so happy I did.”

The breach affected all cards, including Target store brand cards and major card brands such as Visa and MasterCard.

The Minneapolis company said it immediately told authorities and financial institutions once it became aware of the breach and that it is teaming with a third-party forensics firm to investigate and prevent future breaches. It said it is putting all “appropriate resources” toward the issue.

“It’s crazy to think about how this can even happen,” Novak said. “You are not expecting something like this when you go shopping.”

After the Massachusetts-based clothes retailer TJX experienced a major data breach, the Legislature passed a law requiring businesses to notify the Office of Consumer Affairs and Business Regulations and the Office of the Attorney General when informed of a data breach.

It’s incidents like these that make resident James Brown hesitant about using his credit card or debit card when shopping.

“I hardly ever use them. I always try to use cash when I am shopping. I only have them in case of an emergency. I am kind of paranoid about these things,” he said.

Novak admits now she will be more cautious about using her credit or debit card in the future.

“This is something I am really going to think about when I use them next,” she said.

Amie O’Hearn Breton, director of communications at the state Office of Consumer Affairs and Business Regulation, estimated that state officials learned of the breach at about 8 a.m. Thursday.

“This is a rapidly evolving situation that we just learned of this morning,” she said during an interview at about 11:15 a.m. yesterday in response to a News Service inquiry made early in the morning amid news reports about the breach. “We’re working to determine what’s happened with the breach, how the breach occurred.”

Target didn’t say exactly how the data breach occurred, but said it had since fixed the problem and that credit card holders can continue shopping at its stores. When asked whether there’s a certain time when shoppers know their accounts will no longer be vulnerable, a Target spokeswoman said, “We encourage everyone to be vigilant.”

According to Target’s store locator, there are 36 stores in Massachusetts including Methuen and Haverhill. There is also a store in Salem, N.H. Target has 1,797 U.S. stores nationwide.

“I think this could affect their sales,” Brown said. “My friends have already told me they are worried about shopping there.”

“I have friends that don’t really want to shop there now,” Novak added.

Target is also very aware about consumers’ concerns.

“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” Chairman, President and CEO Gregg Steinhafel said in a statement Thursday.

New England located Eastern Bank is advising Target consumers to be vigilant.

“We are aware of the recent debit and credit card breach at Target. If your account was affected, we will reach out to you via mail and issue you a new card. Please note that if you are a Target REDcard holder and you have seen suspicious activity, you should contact Target directly. In the meantime, please continue to review your account for suspicious activity,” they said in a statement.

Target said customers could contact the company at 1-866-852-8680.

Material from the State House News Service and AP is included in this report.

Follow Sara Brown on Twitter @Sara_Brown_Trib. To comment on stories and see what others are saying, log on to eagletribune.com.

How to protect yourself 1. Closely monitor your credit and debit card statements for any suspicious activity. 2. If you find anything suspicious, immediately contact your bank. You can also contact the Federal Trade Commission to report incidents of identity theft at www.consumer.gov/idtheft or call the FTC at 877-438-4338. 3. Check your credit report. If you find information that appears to be fraudulent, request that the credit reporting agency delete that information from your credit report file. You can get a free copy of your credit report once a year from one of the three credit reporting agencies including Equifax, Experian and TransUnion. 4. Add a fraud alert to your credit report file with one of the three credit reporting agencies. That means creditors will be extra vigilant in protecting you, though it may delay your ability to obtain credit. 5. If you want to reach Target directly concerning the breach and precautionary steps you should take, call 866-852-8680. Source: www.businessinsider.com