Feature

Shopping: The growing danger of retail hacks

This month big-box retailer Target revealed that up to 110 million customers’ personal information was hacked before the holidays.

“In the battle between hackers and retailers, it sure looks as though the hackers are winning,” said Joe Nocera in The New York Times. This month big-box retailer Target revealed that up to 110 million customers’ personal information—-including names, addresses, phone numbers, and PINs—was hacked before the holidays. Since then we’ve learned of breaches at Neiman Marcus and other U.S. merchants. Security experts have determined that the attack on Target was almost certainly the work of “extremely sophisticated” Russian hackers using malware that grabbed data at the “moment of maximum vulnerability,” when customers swipe their cards and their magnetic stripes “yield all the information the hacker needed.” The obvious fix is for the U.S. to do what virtually every other country in the world has done: switch to cards embedded with far more secure chips.

Multiple investigations into the hacks are underway at the federal and state levels, said Amrita Jayakumar and Hayley Tsukayama in The Washington Post. But whatever they find, there’s no doubt that you should “keep an eye out for any strange transactions” on your credit and debit cards. There’s no all-clear for data breaches of this nature: “Hackers who take big swaths of data like this sell them to criminals, so your information could stay on the marketplace for a while.” Target says it encrypted customers’ PINs before they were stolen, but “debit card users may want to take the precaution of calling their banks to get their PINs changed.” Report any fraudulent or suspicious charges to your bank or card issuer, and scrutinize any emails “that appear to come from your bank or Target.” Numerous reports have surfaced about phishing scams that masquerade as customer support in sometimes quite ingenious attempts “to trick people into parting with personal information.”

There’s still “no federal law that requires disclosure of security breaches,” said Pamela M. Prah in USA Today. But most states do require companies to inform consumers when their data has been compromised. California’s laws are the strongest, laying out a catalog of data breaches that companies are required to report. California has also passed laws requiring businesses to give more detailed disclosures about their privacy policies and what information they gather from online consumers. Given the number of security incidents we’ve seen lately, these are all laws “that other states are expected to consider this year.”

Recommended

New chancellor at Kabul University bans women from campus
An Afghan girl sits in an empty classroom.
going backwards

New chancellor at Kabul University bans women from campus

South Korean military says North Korea fired 'unidentified projectile' into sea
File footage of a North Korean missile launch airs on South Korean TV.
all eyes on north korea

South Korean military says North Korea fired 'unidentified projectile' into sea

Germany's next governing coalition could be determined by 3rd- and 4th-place parties
Annalena Baerbock.
what's next for germany

Germany's next governing coalition could be determined by 3rd- and 4th-place parties

Other countries are besting even the most vaccinated U.S. state
Burlington, VT.
vaccinate the world

Other countries are besting even the most vaccinated U.S. state

Most Popular

7 cartoons about America's vaccine fights
Editorial Cartoon.
Feature

7 cartoons about America's vaccine fights

Jimmy Fallon and Nicole Kidman almost make it through interview without awkwardness
Jimmy Fallon and Nicole Kidman
Last Night on Late Night

Jimmy Fallon and Nicole Kidman almost make it through interview without awkwardness

Democrats are governing like Republicans
A donkey.
Picture of W. James Antle IIIW. James Antle III

Democrats are governing like Republicans