Advertisement

3 steps to take if your credit information is stolen in a data breach

Click to play video: 'Steps to protect yourself after a data breach'
Steps to protect yourself after a data breach
WATCH: Hudson's Bay Company and Under Armour's MyFitnessPal mobile app both had a recent data breach. – Apr 3, 2018

Over the past week, three major data breaches have impacted the personal information of tens of millions of people around the world, some of which saw payment data stolen or compromised.

Since Friday, MyFitnessPal has warned customers that 150 million accounts had been breached; Saks Fifth Avenue and Lord & Taylor revealed that the financial information of five million customers had been hacked; and Panera Bread revealed that up to 37 million customers may have had their accounts and credit card numbers stolen.

WATCH: Massive data breach at Saks, Lord & Taylor stores

Click to play video: 'Massive data breach at Saks, Lord & Taylor stores'
Massive data breach at Saks, Lord & Taylor stores

While it’s getting harder and harder to keep up with data breaches, experts advise consumers to quickly identify whether their financial data has been compromised, and subsequently take steps to protect their credit.

Story continues below advertisement

1. Have I been breached?

If you wake up to the news that your favourite retailer or coffee shop has experienced a data breach, the first thing you should do is check your credit card statements for suspicious purchases, said Symantec Canada’s general manager Ajay Sood.

“Obviously the first thing you should do is check your credit card statements,” Sood said. “It sounds like the obvious approach, but you should look for suspicious transactions.”

WATCH: Should companies be penalized for data breaches?

Click to play video: 'Should companies be penalized for data breaches?'
Should companies be penalized for data breaches?

Sood explained that it’s important to look for anomalous purchases — things you don’t remember buying. Furthermore, these may not always take the form of large, obviously-fraudulent payments. Those concerned about breaches should also examine their statements for small, repetitive transactions as well.

Story continues below advertisement

“They will siphon off $5 or $10 at a time. They’ll try to cut off thin pieces for a while before they take a big bite out of the victim,” Sood said.

In addition, if you’re concerned about a particular data breach, pay attention to notices from the company that state when the initial hack took place. In the case of Saks Fifth Avenue/Lord & Taylor, for example, the breach dates back approximately a year.

Customers of that retailer should go through their credit card statements back to the date of the initial hack to ensure they don’t miss any nefarious activity. Experts warn consumers not to ignore smaller purchases they don’t recognize.

While it may seem insignificant, “in reality, it’s go-time for fraudsters,” explains Paige Hanson, identity education lead for Symantec. Oftentimes, she said, these purchases indicate that the hacker is testing the waters to make sure the card works — and that the cardholder isn’t watching — before making any major purchases.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

2. What do I do now?

So you’ve gone through your credit card statements, and you’ve noticed several payments that don’t add up. What do you do? That depends on how you made those payments.

Story continues below advertisement

Immediately report any suspicious activity on your account to your bank or credit provider. If these purchases were made on your credit card within the past 60 days, credit companies and banks will often reimburse you for the payments with little difficulty.

WATCH: Hudson’s Bay Company says Saks 5th Avenue, Lord & Taylor stores affected by data breach

Click to play video: 'Hudson’s Bay Company says Saks 5th Avenue, Lord & Taylor stores affected by data breach'
Hudson’s Bay Company says Saks 5th Avenue, Lord & Taylor stores affected by data breach

However, if these payments were made on your debit card, consumers are required to report the missing funds to their bank, which will then need to conduct an investigation into the issue before restoring the funds.

Sood adds that at this point, it’s crucial to change your credit card number and your pin number. Furthermore, it’s prudent to change the passwords for your banking accounts and financial accounts as well.

3. Can I prevent this?

While there isn’t a long list of things consumers can do to actively avoid credit card breaches, experts do recommend taking certain precautions to lower the possibility.

Story continues below advertisement

Firstly, Hanson urged consumers to talk with their bank about placing an account threshold on their banking account, which will alert users if purchases over a preset amount are made on the account, and if any suspicious activity occurs as well.

She also advised against setting up automatic payments on credit card bills, as they make it easier for consumers to go months without looking at their statements, thus increasing their chances of missing a breach.

WATCH: Bell data breach lost personal data for 100,000 customers

Click to play video: 'Bell data breach lost personal data for 100,000 customers'
Bell data breach lost personal data for 100,000 customers

Furthermore, Sood recommends that users keep a close watch on their credit card statements “the way you’d keep an eye on your cash,” and to try to do business only with trustworthy retailers.

Lastly, both Sood and Hanson agree that mobile payments are oftentimes more secure than physical credit card payments because the transaction is always encrypted, and will usually involve multiple steps of authentication (for example, Apple Pay encrypts payment data, and requires two-factor identification).

Advertisement

Sponsored content

AdChoices