Data breaches are all too common these days as restaurants and retailers are announcing more frequently that consumer’s personal information have been compromised. According to Business Insider, many of them are caused by flaws in payment systems, either online or in stores.
Here’s a list of known data breaches thus far in 2018:
- Sears – Sears alerted customers on April 4th of a “security incident” with an online support partner 7.ai that may have resulted in up to 100,000 people having their credit-card information stolen. The incident affected shoppers who bought items online from September 27, 2017 to October 12, 2017.
- Delta – The same security incident that affected Sears has also affected Delta. Both companies use online support partner 7.ai. The airline said customer payment information may have been vulnerable but did not estimate how many of its customers were affected.
- Best Buy – Best Buy informed customers on April 5th that it was affected by the 7.ai breach as well and stated “a small fraction of our overall online customer population” was affected in the breach.
- Saks Fifth Avenue/Lord & Taylor – Hudson’s Bay, the parent company of Saks Fifth Ave and Lord & Taylor, announced this month that a data breach compromised payment systems and therefore customers’ credit and debit cards. Estimates of the amount of affected customers have not yet been released.
- Under Armour – Under Armour confirmed in March that data from its MyFitnessPal app was accessed by an “unauthorized party.” Payment information was not released, but more than 150 million people’s information was likely compromised.
- Panera Bread – In April, Panera Bread was notified of a data leak on its website. Based on usage data, KrebsOnSecurity.com estimates that data from at least 37 million consumers was leaked. This type of data includes names, email and mailing addresses, birthdays, and the last four digits of the customer’s credit card.
- Applebees – RMH Franchise Holdings, which operates several Applebee’s restaurants, announced news of their data breach in March. According to RMH, the breach was designed to capture payment card information and may have affected a limited number of purchases made at the affected locations. Applebee’s locations in Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania, Texas and Wyoming were affected by the breach.
What can you do?
There are couple of different options consumers can take in order to protect their information. The Federal Trade Commission says freezing your credit or signing up for fraud alerts are two ways to do this.
With a fraud alert, businesses must verify a person’s identity before opening a new line of credit. With a credit freeze, no one — including the consumer themselves — can access the person’s credit report to open a new account. And, according to the FTC, these options do not affect your credit score. The fraud alert is also free to implement while the credit freeze usually costs around 10 dollars.
A fraud alert lasts 90 days. If the consumer does not take action to renew the fraud alert it will automatically expire after that. It is important to note that identity theft victims are entitled to an extended fraud alert, which can last seven years. In Texas, a credit freeze lasts until the consumer lifts it, either temporarily or permanently.
For a fraud alert, you can contact one of the three major reporting agencies (Equifax, Experian, TransUnion) by phone or online. For those who want an extended fraud alert must send their Identity Theft Report, which can be created at Identitytheft.gov. With a credit freeze, you’ll need to contact each reporting agency separately.
Ultimately, fraud alerts are much more commonly used than credit freezing, but may not be as effective as credit freezing when it comes to keeping someone from opening new accounts.