10 Things to Learn from the 40 Million Credit Card Theft from Target

Mar 24, 2014 BY Francis Ssennoga

News of 40 million credit card numbers stolen from Target Corp was a big wake up call for everybody and officials at Target have been sweating since the theft. Because of the rampant internet hacking, some businesses are cashing in, exploiting the fear, scaring clients even more that they are the next targets as they sell their security solutions. But as hacked businesses sweat and others cash in, what can the average person do?

Here are 10 things an average person can use to equip themselves in the light of rampant cyber crime even before they spend thousands on online security products. I would like to start with exploring what you may know and what you may not know.

What many do not tell you
The first person to bear the responsibility to secure the financial transaction is you, not the online shop, not law enforcement, not your work place and not government but you. What loop holes does your nature of doing things introduce in your security? This is something you might be hearing for the first time because know body wants to say it. The shops will tell you that they have you covered so that you can come in to shop. The authorities have to show responsibility by saying that they always look out for you even if some of them are not sure how prepared they are if disaster was to strike. To be politically correct they must avoid the alternative which would be too irresponsible to say. But I will say it to you now.

You are your first line of defense
Some people simply do not want to play this role, others do not know where to start so they put blind trust in whatever system is being used or rely on what they have been told. But I am telling you to build your first line of defense. Everybody else, every department, shop or security firm comes in second. Be the first person to secure your transaction and the buck should stop with you. You must take charge and not leave your security to the store or online shop. Even the government should come in at a later stage after you have taken the first steps to protect yourself. Do not put all your hope in suing so and so after the fact because that too takes a toll. Until problems happen, you may not know that you will ultimately bare the consequences. For instance, one person said that they will not shop at Target again. But that might be too late and Target will not be the only target. Thieves are every where because the motivation is big as you will see here below.

Identity theft is for money
This is another one of those statements that will get me in trouble for writing the obvious - of course most thieves steal for money. But do we really act like we believe that?

Every time there is a theft, a lot of people seem surprised that thieves could do such a thing. Some people even wonder - how could they do that during the holiday season? But this is when a lot of money will change hands. It is happy times for everyone including the thieves. They invite themselves to the party because there is big money involved. People get generous with their financial data, are most likely to lower their guard in the festive season and thieves know that. Most times identity thieves swing into action, there is a big financial benefit. In other words, where there is a lot of financial transactions taking place like a sale, holiday season or promotion, thieves will be there and will crash the party at any opportunity. To avoid becoming the loser, take note of some tips below.

Examine your transactions
Here you have to ask yourself a series of questions about your financial transactions - where do they happen, when do they happen, how do they happen, who are the parties involved and what information is required? Is the financial transaction you are about to take secure? This is the most obvious thing to say and I am sure some of you will say - of course my financial transactions are always secure. But are you sure about that? How can you tell that they are secure? Do not proceed unless you have a way to tell that your transaction is secure.

Just enough information, not more
Ask yourself - am I giving more information in the transaction than I need to? If you are shopping online, are you at the actual site that you intend to be like target.com or you are at targetsolutions.com? Do you know how that site should look like when it is secure? Do you need to pay online or you could accomplish the transaction by cash? Do you need this promotion signup that requires your private information?

It is important to pay attention to information being requested. Always desist from giving information based solely on habit without questioning the entire process and the reason why that information is needed. Sometimes as you pay your bills online, some phone attendants may ask you questions that you don't need to answer to complete your transaction. You are not compelled to answer these questions. Ask the inquisitive representatives what you will get in return for your generosity. If it is not worth it and you are not sure how they will store the information, say to them that you just have time to do what you want to do.

Examine the Business Process
Many experts urge their clients to take lengthy steps to secure their identities and privacy. What these experts leave out is that many businesses out there have not yet modernized the way they do things from the computer security stand point. Consumers may spend all they want on packaged online security solutions but they are still easy prey to hackers and con artists. Here below are a few instances why my assumption is not far fetched.

One cold day in Minneapolis, my truck developed a problem on the highway and came to an abrupt stop. Attempts to fire it up again were all in vain. To make matters worse, my cell phone had long run out of battery. I was now on my own. I waved to get the attention of the several drivers zooming past me and failed to get a good Samaritan. It was getting dark now and I had to start walking or freeze in my broken down vehicle in the dark on the highway close to dangerously speeding cars.

After some minutes of walking on the highway cab-side, a kind young man pulled over and picked me up and drove me to the next tow truck center. There I got a tow truck to get my car off the road. The tow truck guy dropped me and my truck at the nearest garage and asked for his fees. I produced my card because I had not moved with enough cash. What he did next left me speechless.

Identifying Gaping holes in the process
In a casual and conversational mood, my tow truck guy asked for my credit card number, the expiry date, the address and the 3-digit card code that is found on the back of the card and proceeded to write them all on his oily clip board. Right there in his log book was my entire credit card information. As if this was not enough shock, he proceeded in a friendly chat to show me how busy the cold day had been by showing me a list of about 30 other tow truck clients who had called in that day with their information displayed on the log book. Although I did not read the numbers off, I knew that in his truck, on an oily log book, he had several easily accessible identities. This being a business process, we can all see how an identity thief can collect 'gold' from a tow truck. It could be a janitor or a maintenance guy at the tow truck center where the log books are kept. These identities are as secure as those oily log books.

Unwilling accomplices
The young man who did the towing was just doing his job and he told me he has been doing that since he was in his teens. He loved his job but he did not know and no body had told him how dangerous his record keeping system was. His boss just wanted to know how many trucks have been towed. You can imagine how many numbers they have lying there on the floor or in some dusty box at the towing center! All a hacker has to do is to get a job as a janitor at the tow truck headquarters and he will dig the 'gold'. Target Corp has many partners and someone, doing their job in a similar manner may introduce a hole or two for thieves to create a road into your system.

More on unwilling accomplices, a visit to a local restaurant here further illustrates how difficult it still is be safe. Read on and see what I found.

One day after a good meal at a restaurant, I took the trouble to look closely at my receipt and to my shock I saw that my card number had not been masked. Although many restaurants have tried to secure clients cards there are still those that leave these numbers exposed and sometimes in the box next to the card machine. A disgruntled employee can land on these numbers and walk off with some identities. It could be the person who cleans the place or the electrician on an occasional visit. The client will have no clew why money is leaving their account until they trace this back to their visit to the restaurant.

In both the above cases, hackers could easily get into seemingly secure systems via free data from insecure business processes and poor systems integration.

Data is money and the road most traveled
Again this is another obvious one to say because everyone knows data but many do not equate it with money. Let me elaborate.

I have traveled across the United States and beyond and one thing I give credit to people here is that they keep a tight leash on the dollar. Growing up in Uganda as a kid you would find a shilling lying on the ground with dew on it. People would lose their shillings every day and excited lucky kids would pick the money up and run to buy Ugandan banana pancakes. Kids would find anything but not a dollar. It is understandable to see less lucky kids in Uganda because the dollar is not in much supply there. But even here, I found out kids have not been as lucky. People know how to guard the dollar and do not even easily give it away. To my surprise, many people do not realize that data is money and should be under the same tight leash.

Data is all over the internet and people just generously give it away in phone calls to unknown telemarketers, in chat rooms to strangers, via email to people claiming some type of inheritance from a fake rich parent, to less beneficial promotions, etc. But data is the 'road' most traveled by criminals to a victim's bank account and to the victim's dollar. Cyber thieves have become lucky, minting cash with data. And we all know the importance of cash.

Cash is the King!
In the case of the tow truck and at the local restaurant, a trip to the ATM would have been my best bet. If you are eating a meal of $30, a visit to the ATM might help you more than saving the $1.26 ATM fee. The beauty with cash is that people know how to secure it like I said already, more than they secure data which comes with any digital transactions.

Summing it all up
Just like you just do not go and tell every stranger your last name, you must secure your data because it is money. Like the chain, our information is as secure as the weakest link. Take charge of your security before anyone else because that will push you to pay attention to some things as we saw above and force you to change some of your habits to avoid bad business processes. You are your first line of defense and the buck on security stops with you. Do not pass it to anyone.

news letter signup

Message Sent Successfully.

Message Sending Fail.

insight scoop


5 Ways to Strengthen Membership Loyalty in Your Small Staff Association

In small staff associations, it is not easy to cultivate a loyal membership. There are so many ways member growth can stagnate or decline. Many association leaders are scratching their heads to keep their associations attractive and that way avoid falling member numbers. I have five ways here below that will help strengthen member loyalty. See what works in your case.


5 Ways to Simplify Association Management

In a small staff member association, some of the vital activities can also become major hurdles if you do not have the right tools. As an association manager, your membership management can turn into frustrating work and take away most of your time that you would have used more productively. See how you can remove this extra work here below.


10 Things to Learn from the 40 Million Credit Card Theft from Target

News of 40 million credit card numbers stolen from Target Corp was a big wake up call for everybody and officials at Target have been sweating since the theft. Because of the rampant internet hacking, some businesses are cashing in, exploiting the fear, scaring clients even more that they are the next targets as they sell their security solutions. But as hacked businesses sweat and others cash in, what can the average person do?


5 Things to Learn from the $19 Billion Facebook Like of Whatsapp

The $19 billion deal between Facebook and Whatsapp received tremendous attention throughout the world. The mixed feelings that came with this block buster buy, varied from joy, pride, awe, shock and of course; envy. But regardless of the feelings you had when you learnt of the news, you can still take away something from the Whatsapp pay day. I noted 5 key things you could learn from the buy. Before the scoop though, let me revisit some of the emotions that the deal triggered in people the day of the news.


Reducing your Microsoft Outlook Express Mailbox Size

Trouble shooting your Microsoft Outlook email box can be frustrating if you do not have an idea what needs to be done. This article is intended to give you a tip on what to do when your mailbox is full or almost full preventing you from sending or receiving mail. There are quite a number of things you can do when you receive a message, "Your mailbox is full". These are usually; deleting unwanted 'sent' items, deleting unwanted mail especially mail with attachments and completely removing your 'deleted mail', from your mailbox. There is one extra thing that could be done but is not usually mentioned in recommendations to reduce your outlook express mailbox. This is checking your 'drafts' folder. This is the subject of my discussion today.


Fittness for IT Professionals

IT professionals as myself have some common characteristics among which are; sitting on a computer for very long hours, working alone away from others, skipping meals to finish a fun project and many more. Looking at these characteristics shows you right away that these might be incompatible with staying fit which can result into bad consequences in the not so far away future. This blog posting is intended to provide some quick tips on how IT professional can stay fit but at the same time keep delivering on fun projects.


Why a Business, an Organisation or an Individual needs e-Presence

There are always many warning signs that indicate to a business, individual or organization that there are doing excessive work that could be performed in seconds by computers.


Web Strategy for Job Hunters

Strategy in the most simplest terms, is a plan to move from point A to point B, point A in this case being the point of origin and B being the destination. Deploy web strategy in job hunting, business, love search, etc.

arrow left
arrow right