The hacking at the U.S. Target stores is almost beyond comprehension in its magnitude and impact.  The “who” and “how” may never be known but what is known is that the millions of credit and debit cards used at Target have been stolen — and that the personal and financial information of those consumers are at risk.

Brian Krebs broke this story and has continued with his investigation.  He’s already found out that the financial information is being used on non-U.S. cards (www.krebsonsecurity.com; “Non-US Cards Used At Target Fetch Premium”).  Mr. Krebs often is the first to learn about these types of breaches and his blog is worth reading regularly.

Affected consumers can’t wait to hear from their credit card companies or financial institutions before taking pro-active steps to protect themselves. What should affected consumers do?  Tony Bradley outlines the steps concisely in a recent blog (blogs.cssonline.com; “5 things you should do to protect yourself from Target data breach”).

As Mr. Bradley outlines, consumers should:

  1. Monitor your credit and bank accounts: this is true for any breach but there are reports about victims already seeing unauthorized credit card charges or bank account withdrawals using the stolen debit card information;
  2. Contact your bank or card provider: don’t wait to see if you hear from them; let them know you used your card at Target and that your financial information has likely been stolen;
  3. Put a lock on your credit file: Mr. Bradley suggests contacting one of the credit agencies (e.g., Experian, Equifax) and ask for a security freeze; the freeze prevents the credit agency from releasing your credit report without your express consent;
  4. Cancel and replace your cards: this may not prevent some misuse of the stolen financial information but it can limit the impact of ongoing theft;
  5. Use lower credit cards instead of a debit card:  this is sound advice under any scenario; as Mr. Bradley notes, a lower credit amount puts less money at risk.  I’d add that credit cards have statutory protection (Reg E) so that consumers reporting the loss or theft of a credit card are only responsible for $50.00 of charges.  Debit cards do not have the same legal protection which could mean more of a financial loss to the consumer.

Consumers could not protect themselves against the Target hacking but they can try and protect themselves from its fallout by following the above advice.