The Chronicle of the Horse
MagazineNewsHorse SportsHorse CareCOTH StoreVoicesThe Chronicle UntackedDirectoriesMarketplaceDates & Results
 
Page 2 of 2 FirstFirst 12
Results 21 to 27 of 27
  1. #21
    Join Date
    Feb. 13, 2005
    Location
    Columbus, OH
    Posts
    6,913

    Default

    Quote Originally Posted by SillyHorse View Post
    Then it sounds like my best bet will be to cancel the card and get a new one. Thanks for the information.
    Probably, yes. But wow, this thread was full of some serious misinformation about exactly what was stolen in the Target breach and how thieves can use it. In the end, my advice is still to consider cancelling your card, but for very different reasons than most people on this thread are imagining.

    What was stolen in the Target breach = stuff that's stored on the magnetic strip on your card. That includes the card number on the front of your card + the expiration date, and in some cases, the name of the account-holder from the front of the card. There's also some evidence, from black-market vendors who resell these cards, that whomever stole the numbers also logged the city/zip code of the Target where your card was stolen. (This is useful to thieves who want to bypass systems that flag out-of-state purchases for fraud review).

    But the stolen info does NOT include the CVV2 security code on the back of the card, nor does it include your debit PIN number. That info isn't stored on the magnetic strip on your card. There was some early mis-reporting suggesting that the CVV2 security codes were stolen, but Target has issued a statement confirming that that is not true. You can find an excerpt of that statement in this article:
    http://techcrunch.com/2013/12/20/the...target-reacts/

    So the point is, a thief cannot fully recreate your card based on the data they've got. They don't know your PIN, so they can't walk up to an ATM and use your card there. They don't know the security code on the back of your card, so they can't make online purchases from 99% of online vendors.

    But they CAN make a fake plastic version of your card with a functional magnetic strip, then use that card in retail stores to buy stuff. Then, they fence/resell the goods. Obviously, that is still fraud and could still cost you a lot of money if it's not caught by the bank, or by you. So at the very least, you should be vigilant about watching your online statement and monitoring your credit report. Target is providing free credit monitoring to people affected by the breach.

    As for why your bank may not have said anything to you yet...because of how this breach occurred and how the data is being treated by authorities, some banks don't even know yet whether your card is part of the breach. A few banks have proactively cruised some of the major online black-market resale CC sites to see if any cards for sale match their Bank Identification Number. Some have run data searched to see which of their bank-issued cards were used at Target stores on the dates in question. But basically, unless you bank with a HUGE national bank, your bank might not know yet whether your card is compromised.

    Also, there are banks that already know they're part of the breach and are purposely sitting on their hands for awhile. Multiple banks have said that they don't want to mass-cancel credit/debit cards, even when they know the number has been compromised, until after the Christmas rush. They will piss off a lot of customers if credit cards just magically stop working on the busiest shopping days of the year. It is also expensive for banks to cancel cards--roughly $3 to $5 per card, times thousands of cards. And historically, when gigantic breaches like this occur, only a very small percentage of the card numbers actually get used for fraud.

    Personally, if I had been part of the breach, I would call my bank and ask to have my card cancelled. They can't reasonably say no. If they do, for some inane reason, then call back and tell the next customer service agent that you "lost" your card. But that's easy for me to say, as someone who's done with Christmas shopping, isn't traveling for Christmas, and could easily work around one canceled credit card. If forced to keep the card, I would check my online CC statement daily to see if there was craziness that the bank's fraud detection systems hadn't already caught.

    To read more on this topic than you ever wanted to know:

    http://techcrunch.com/2013/12/20/the...target-reacts/

    http://krebsonsecurity.com/2013/12/c...round-markets/
    Last edited by jn4jenny; Dec. 20, 2013 at 09:05 PM.
    ________________________
    Resident COTH saddle nerd. (CYA: Not a pro, just a long-time enthusiast!)
    http://twitter.com/jenlmichaels


    2 members found this post helpful.

  2. #22
    Join Date
    Jul. 25, 2007
    Location
    Arizona
    Posts
    953

    Default

    I'm so annoyed with myself. I never, never use a debit card for purchases and yet somehow this week I managed to grab it and use it at Target. I called my bank and cancelled the card and they issued me a new one.



  3. #23
    Join Date
    Feb. 7, 2005
    Location
    Lancaster, PA
    Posts
    5,225

    Default

    I used my credit card to buy Christmas gifts at Target during this time period. Although I haven't seen any fraudulent activity, I went ahead and cancelled the card. Waiting 5-7 days for a new one now is less of a headache than having to deal with it if/when charges unexpectedly show up. (Especially since I will be doing some traveling early next year - what a pain it would be for fraud to trigger CC to stop working in the middle of a trip!)



  4. #24
    Join Date
    Jun. 3, 2005
    Posts
    180

    Default

    I hope this brings chip and PIN to the US faster. (Of course, I used my card there during the time frame...sigh!).

    Most EU countries---and Canada---use chip and PIN technology. Be aware, if you take a traditional US issued card to Europe, they may no longer be familiar with the 'swipe the magnetic strip' concept that is normal here. Merchants can manually key in your number, but if you're at an unattended kiosk, very likely your card won't work.

    The security measures are so much stronger using chip and PIN. Select US banks are issuing their high end clients who travel a card with chip and PIN, but it's far from common here. Supposedly in the next couple years the US will catch up. The stop gap solution now is chip and signature, which still doesn't have the strength of chip and PIN.



  5. #25
    Join Date
    Apr. 2, 2003
    Posts
    5,110

    Default

    Quote Originally Posted by Muffin View Post
    I
    The security measures are so much stronger using chip and PIN. Select US banks are issuing their high end clients who travel a card with chip and PIN, but it's far from common here. Supposedly in the next couple years the US will catch up. The stop gap solution now is chip and signature, which still doesn't have the strength of chip and PIN.
    I travel quite a bit for work and I had to actively seek out a chip and pin card-- and I have not encountered, in 2 years of 90% travel (home 1 day a week) a single card reader in the US that reads it off the chip. All are mag stripe. I had to specifically request a chip and pin card from the vendor (Chase Sapphire Preferred, for those interested).



  6. #26
    Join Date
    Jun. 3, 2005
    Posts
    180

    Default

    You're right...I wasn't clear. I believe the chip and signature cards offered by some US banks also have the traditional mag stripe? When you read about what is available for 'normal folks', it's actually chip and sig, not chip and PIN. People are now opening accounts at foreign banks to specifically get a card with the chip and PIN security.

    The retailers are hesitant to embrace the chip and PIN technology because not only does it cost money to replace the traditional readers, but supposedly a breach in security from a chip and PIN attack shifts the financial responsibility from the issuing card company to the retailer. I'd be highly surprised to see a chip and PIN reader at any US retailer right now, but hopefully by 2015.



  7. #27
    Join Date
    Sep. 4, 2006
    Location
    Somewhere in the Southwest
    Posts
    1,277

    Default

    A really ironic little factoid here re: chip and pin vs magstripe...food stamp cards, at least here in TX are chip and pin, though they have a stripe as well.



Similar Threads

  1. Why can't I have 2+ debit cards?
    By JoZ in forum Off Topic
    Replies: 10
    Last Post: Nov. 5, 2012, 11:21 AM
  2. Life Data's Barn Bag - selenium question
    By Ritazza in forum Horse Care
    Replies: 0
    Last Post: Aug. 11, 2011, 03:43 PM
  3. Question about a Judging Card
    By Joannie Jumper in forum Hunter/Jumper
    Replies: 29
    Last Post: Jan. 17, 2011, 12:59 AM
  4. pedigree data base question
    By carolprudm in forum Sport Horse Breeding
    Replies: 3
    Last Post: Sep. 16, 2010, 11:15 AM
  5. DNA data question
    By Simrat in forum Sport Horse Breeding
    Replies: 16
    Last Post: Aug. 21, 2008, 09:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
randomness