We've covered the Target data breach and posted pieces (here, for instance) suggesting what consumers can do to mitigate the risks from that breach and others like it. Now, the Consumer Financial Protection Bureau has issued a consumer advisory of its own on the topic. The agency has also issued a press release, which I'm reproducing in full below (including after the jump):
WASHINGTON, D.C. — Today the Consumer Financial Protection Bureau (CFPB) published a consumer advisory to help consumers protect themselves in the wake of the recent breaches of payment card and other data. The advisory also contains information on where to get help if consumers suspect their information has been compromised.
“Consumer financial products often involve significant amounts of consumer data,” said CFPB Director Richard Cordray. “In light of recent data breaches, we want to be sure that consumers know how to protect themselves and where to turn if they do suspect fraud.”
The consumer advisory can be found at: http://files.consumerfinance.gov/f/201401_cfpb_consumer-advisory_card-security.pdf
Payment cards such as credit, debit, and prepaid cards are among the most commonly used consumer financial products. Over 70 percent of Americans have at least one credit card. Debit cards are now used for more consumer purchases than credit cards, and prepaid card use is continuing to grow. In recent months, data breaches have apparently exposed millions of payment card accounts to potential fraud. In addition, millions of consumers’ names, phone numbers, emails, and addresses also appear to have been stolen separately from card information.
Today’s consumer advisory includes steps consumers can take to protect themselves from data theft:
Monitor accounts for unauthorized charges or debits: Consumers should regularly review their accounts online if possible, and at a minimum examine their monthly statements closely. Consumers should report even small problems immediately as some thieves may process a small charge or debit just to see if the account is live, or whether the consumer notices. Fraudulent charges may occur many months after information is stolen. Even if consumers think the PIN on their debit card was not stolen, they should consider changing the PIN in order to be on the safe side.
Alert bank or card provider immediately if fraud is suspected: Consumers should alert their bank or card provider immediately if they suspect an unauthorized debit or charge. If fraudulent charges appear, the consumer should ask the card provider to close access to the account and issue a new card before more transactions come through. Under federal law and other applicable rules, consumers are generally not responsible for unauthorized debits or charges to credit or debit card accounts, as long as they report them quickly to their bank or card providers.
Follow up with the bank or card provider and maintain records: If consumers find a fraudulent transaction, they should call the bank or card provider’s toll-free customer service number immediately, and also ask how they can follow up with a written communication. When consumers communicate in writing, they should be sure to keep a copy for their own records. Consumers should write down the dates on which they make follow-up calls and keep this information together in a file.
Avoid scams that ask for personal information over email or by phone: A common scheme, known as “phishing,” involves a scammer contacting a consumer over email or phone and asking to verify account information. Banks and credit unions never ask for account information through email. If consumers receive this type of email, they should immediately contact their card provider and report it. If consumers receive this type of phone call, they can ask for a call-back number to verify the requestor is actually their financial institution.