Schuette Marks National Data Privacy Day,
Warns Victims of Target, Neiman Marcus, Michaels
Data Breaches of Potential Identity Theft Scams
A.G. Schuette Provides Helpful Information to Assist Consumers Affected by
Largest Data Breaches in U.S. History; Schuette Also Investigating Michaels Breach
LANSING - Michigan Attorney General Bill Schuette marked National Data Privacy day and issued an alert outlining helpful resources for consumers affected by the recent Target, Neiman Marcus, and Michaels data breaches. Schuette also notes consumers should remain wary of online scams posing as legitimate resources for data breach victims to obtain their personal information for fraudulent purposes. The warning comes after one of the largest data breaches in national history compromised the personal and financial information of potentially more than 110 million customers.
“Michigan victims of these massive data breaches became vulnerable to fraud when their personal and financial information was compromised,” said Schuette. “I am working swiftly with attorneys general around the country to investigate and prevent security breaches of this magnitude from happening in the future. Citizens should remain on guard against phony online scams attempting to re-victimize consumers through identity theft.”
On December 19, 2013, Target reported that the credit and debit card information for approximately 40 million consumers may have been compromised. Target determined that the information involved in this incident included customer name, credit or debit card number, the card’s expiration date, and security code. Target reported that the breach involved credit card and debit card information for purchases at its retail stores only; online purchases were not affected.
On January 10, 2014, Target reported that personal information, such as phone numbers, addresses, and email addresses for 70 million people were also exposed. The company reports it does not know how much overlap exists between the original 40 million customers and the additional 70 million, raising the possibility that the data of more than 110 million people has been compromised.
On January 11, 2014, retailer Neiman Marcus confirmed that it was working with the U.S. Secret Service to investigate a breach and may have involved the exposure of potentially more than 1.1 million customer credit and debit cards. According to reports, a forensics firm confirmed evidence that Neiman Marcus was a victim of a criminal cybersecurity intrusion and some customers’ credit and debit cards were possibly compromised. Neiman Marcus reports it has taken significant steps to further enhance information security.
On January 25, 2014, the U.S. Secret Service confirmed the launch of an investigation into a possible cybersecurity attack on the craft retail store, Michaels. The breach may have compromised the private data for an unknown number of credit and debit cards of Michaels customers. Michaels indicates that if the investigation determines their customers were affected, they will offer free identity protection and credit monitoring services. Updates will be provided on the company’s website, www.Michaels.com.
Schuette remains actively engaged in investigating the breaches with state attorneys general across the country. Target, Neiman Marcus, and Michaels are working with the Department of Justice and the U.S. Secret Service to investigate the incidents.
Attorney General Schuette offers the following tips for consumers who believe they may have been victims of the data breaches:
- Target is offering one year of free credit monitoring and identity theft protection to all Target guests who shopped U.S. stores. Guests can register for this offer by visiting https://creditmonitoring.target.com/. Guests will then receive an email from Target within 1-5 days that will include the unique activation code and instructions on how to register their code with Experian’s ProtectMyID. Guests will have until April 30 to register their code with ProtectMyID.
- If you have made a payment card purchase at Neiman Marcus in the past year, the company will be offering you one year of free credit monitoring service. Sign-up instructions for this service will be provided on the Neiman Marcus website.
- At a minimum, customers who shopped at Target or Neiman Marcus with a debit card should change their personal identification number (PIN). You can also request a new debit card from the issuer.
Beware Phony Data Breach-Related Phishing Websites
- Target will not ask a consumer to provide any personal information, i.e. social security number, or to confirm any credit or debit card information by phone or email. Unfortunately, many fraudulent websites have started to emerge where scammers hope to obtain personal information. Do not disclose your address, social security number, or other personal information in response to unsolicited request by email or phone.
- If you receive any communication claiming to be from Target, you should visit Target’s main breach website (see the “official documents & communication” area) to verify that it is a legitimate email from Target.
To access the full Attorney General Consumer Alert, “Security Breaches – Target, Neiman Marcus, and Michaels”, visit the following link: http://1.usa.gov/1f7JlBJ
For additional information on how you can protect your credit score and bank account after a security breach, please see the Attorney General Consumer Alert, “Security Breaches: What to Do Next” - http://1.usa.gov/1egIKug To learn more about identity theft prevention and resolution for Michigan consumers, please see the Attorney General's Consumer Alert, “Identity Theft Information for Michigan Consumers” - http://www.michigan.gov/ag/0,4534,7-164-17337_20942-230557--,00.html.
For general consumer questions or complaints, you may reach the Attorney General's Consumer Protection Division at: P.O. Box 30213, Lansing, MI 48909. Call toll free: 877-765-8388 or www.michigan.gov/ag (online complaint form)
National Data Privacy Day Background
Established in 2008, National Data Privacy Day is an annual educational effort led by the U.S. National Cyber Security Alliance. National Data Privacy Day seeks to inform citizens on how best to protect their personal data, control their digital footprint, as well as respect and protect the privacy of others. For more information, visit the following link - http://www.staysafeonline.org/data-privacy-day/
Our children are our nation’s most valuable asset. They represent the bright future of our country and hold our hopes for a better nation. Our children are also the most vulnerable members of society. Protecting our children against the fear of crime and from becoming victims of crime must be a national priority.
