(BOSTON) In light of the recent news about Target’s data security breach, the National Consumer Law Center, Consumer Action, and U.S. PIRG remind consumers that:
1. Your liability for fraudulent charges is limited under federal law.
Credit Cards: Under federal law, your responsibility for unauthorized credit card charges is limited to $50, and in some cases would be $0.
Debit Cards: Your responsibility for debit card fraud charges is a bit more:
- $50 if you notify the bank within 2 days.
- Up to $500 afterwards
- Unlimited if you fail to report the fraud charges within 60 days after you receive your bank statement
Also, since the money to pay the debit card comes directly out of your bank account, you won’t be able to use that money until the fraud charge is reversed. Both VISA and MasterCard have “zero liability” policies that limit your losses to $0, but these are voluntary policies.
Finally, when you contact your credit card company, don't pay a fee to receive a replacement card - even during the holiday shopping season. Ask the issuer to waive the expedited fee to send a replacement card. You can find more information on reporting card fraud here.
2. Check your credit report, but don’t panic.
If you are worried that a security breach has made you a target of identity theft, check your credit report - it's always a good idea to do that regularly. But theft of a credit card number is unlikely to lead to the thief opening new accounts. That’s because the key piece of information needed for “new account” ID theft - your Social Security Number - is not part of the credit card data.
3. Don’t pay for expensive credit monitoring or fraud detection services.
You can check your credit report for free once a year using www.annualcreditreport.com - no need to pay for a monthly service.
As for fraud detection services, some of them have been known to do questionable things. For example, one of these companies, LifeLock, paid $11 million to the Federal Trade Commission in 2010 to settle charges that it used false claims to promote its identity theft protection services.
4. The strongest prevention against ID theft after a breach is a security freeze.
A security freeze prevents your credit report from being shared with potential new creditors. If your credit files are frozen, a thief will probably not be able to get credit in your name. You have a right to place a security freeze on your credit report under the law in most states, and freezes are available to residents of all 50 states. Find more information on security freezes here.
Other helpful resources:
In addition to the advice above, advocates questioned whether Target has been in compliance with state laws that require consumers to be notified when there is a security breach.
Since 1969, the nonprofit National Consumer Law Center® (NCLC®) has used its expertise in consumer law and energy policy to work for consumer justice and economic security for low-income and other disadvantaged people, including older adults, in the United States. www.nclc.org
U.S. PIRG, the federation of state Public Interest Research Groups, is a consumer group that stands up to powerful interests whenever they threaten our health and safety, our financial security, or our right to fully participate in our democratic society. www.uspirg.org
Consumer Action has been a champion of underrepresented consumers since 1971. A national,nonprofit 501(c)3 organization, Consumer Action focuses on financial education that empowers low to moderate income and limited-English-speaking consumers to financially prosper. It also advocates for consumers in the media and before lawmakers to advance consumer rights and promote industry-wide change particularly in the fields of credit, banking, housing, privacy, insurance and utilities. www.consumer-action.org