Jeanette A. Tucker | 8/26/2008 6:25:02 PM
Note: LSU AgCenter family economist Dr. Jeanette Tucker was among the thousands of victims of a recent massive cyber theft of Louisiana and Mississippi restaurant databases. Here is her story and the actions she took.
A couple of weeks after enjoying a seafood dinner at one of my favorite restaurants last spring, I was surprised to have a debit card purchase declined. My account was overdrawn, because of a big purchase at a grocery store halfway across the nation.
As a financial educator, I rigorously practice what I preach by following precise identity-theft prevention measures; yet, my debit card number had been stolen. What went wrong?
I quickly contacted my credit union, credit reporting agencies and the sheriff’s office. My card number was soon changed, monies restored, fraud alerts placed and credit reports checked. While I was filing reports at the sheriff’s office, however, investigators were quick to inquire if I had used my card at the very restaurant I had visited. Something smelled fishy….
Fast-forward a few months, and law enforcement officials are reporting that a ring of cyber-thieves have stolen tens of thousands of credit card numbers from Louisiana and Mississippi restaurants. Hackers had swiped credit and debit card numbers from more than a dozen local restaurant computer systems.
News reports suggest that thieves breached insecure wireless networks and inserted software programs similar to a wiretap to collect customers’ credit card numbers. Restaurants appear to be the most common targets because they may be negligent in updating their antivirus software and other computer security systems.
Identity theft is a dual crime involving at least two sets of victims: the business community and the person whose identity was compromised. U.S. Treasury Department investigators and Department of Defense computer security experts are directing their attention to ensure that merchants protect their data correctly to prevent future breaches. Many restaurants report putting additional security measures in place.
Credit card contracts generally protect consumers from fraudulent use of stolen credit card numbers. Department of Defense officials, however, caution there is little credit users can do to protect themselves from breaches such as those experienced by restaurant customers in Louisiana and Mississippi.
Taking certain steps quickly can minimize the potential for the theft of your identity when news reports suggest your credit or debit card numbers may be at risk or if you receive a notice that this information may have been compromised.
Cancel affected credit cards and debit cards immediately. Consult with your financial institution about whether you also should close the bank accounts to which your cards were linked or leave them open for the bank to monitor for possible fraud. Watch your statements closely and report any fraudulent activity immediately to your financial institution.
Contact the three major credit reporting agencies to place an initial fraud alert. They are Experian: www.experian.com, 1-888-EXPERIAN (397-3742); Equifax: www.equifax.com, 1-800-525-6285; and Trans-Union: www.transunion.com, 1-800-680-7289.
An initial fraud alert stays on your credit report for 90 days and can be renewed when appropriate. If you have been a victim of identity theft, you may ask for an extended alert, which stays on your credit report for seven years. To get an extended fraud alert, you will need to contact one of the three credit reporting agencies and provide an identity theft report, such as a police report, including a report to the Federal Trade Commission. If your credit report has an extended alert, potential creditors must contact you before they can issue credit in your name.
Once you place fraud alerts on your credit reports, you should receive a free credit report for your review. Go over this report carefully to look for any signs of identity theft like inquiries from companies you didn’t contact, accounts you didn’t open and debts on your account that you can’t explain. Check that information – like your Social Security number, address(es), name or initials and employers – is correct.
Once you’ve taken these precautions, watch for signs your information is being misused.
Look at your statements as soon as they arrive, and report a discrepancy or anything suspicious, such as a missing payment or an unauthorized withdrawal. Federal laws limit your losses if you are a victim of fraud or theft, but your protections may be stronger if you report the problem quickly and in writing.
Be on the lookout for other signs, such as bills or other mail failing to arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
Other signs include:
– Receiving credit cards you didn’t apply for.
– Being denied credit or being offered less favorable credit terms, like a high interest rate, for no apparent reason.
– Getting calls or letters from debt collectors or businesses about merchandise or services you didn’t buy.
Continue to read your account statements promptly and carefully and to monitor your credit reports every few months in the first year of the theft and once a year thereafter. Federal law provides for consumers to receive one free copy of their credit report from each of the three major credit reporting agencies each year. Free credit reports may be requested online at www.annualcreditreport.com. Stagger your requests to receive the credit reports at four-month intervals.
If your information has been misused, file a report about your identity theft with the police, and file a complaint with the Federal Trade Commission at www.consumer.gov/idtheft.
(Ed: Dr. Tucker has since returned to her favorite restaurant. “The food is still great,” she says, “but now I pay with cash.”)