Data breaches galore

Over the past 40 days, we have seen a lot of information regarding data breaches.  Starting with the announcement of the Target breach, the following breaches have been confirmed.

  • Target - 40 million cars plus up to another 70 million ids/emails, etc.
  • Neiman Marcus - 1.1 million cards
  • Michaels?
  • Snapchat (I know, not card related, but still affects 4.6 million users)

There is also a report from January 13 that this may be the tip of the iceberg, as 3 more may yet to be announced, and the FBI on January 23 indicated that many more may be coming.

What does this mean?   First of all, if you shopped at any of these stores during the time that each store had announced, then watch your bank statements for unauthorized transactions.  Work with your financial institution to replace as needed.

As for after the breach, I believe that this may be a tipping point with regards to EMV in the United States, and perhaps debit cards in general.  EMV (also known as Chip and PIN) is a standard where each card has a chip on it in addition to the magnetic stripe.  The card is swiped and a PIN is entered that needs to match the chip within the card 3 times or the card is locked.  This method is used in Europe primarily and has been recently introduced in Canada, but is not foolproof either (add the fact that it migrates the liability from the financial institution to the end user).

Secondarily, I believe that the use of debit cards will decline (with an equivalent increase in credit cards and/or cash based on the consumer) as people's fear increases that a compromised debit card will lead to a lengthy personal situation as the financial institution works through the fraud and eventually restores the consumers money.  People have already moved to a cashless society, but they will need a platform they have trust in.