Target Security Breach: 3 Lessons Learned


Target Security Breach: 3 Lessons Learned


Written By: Piyush Bhatnagar

The recent security breach at Target has sure made us focus on the growing problem of financial data theft. For those of you who don’t already know, a staggering 40 million credit and debit card records were stolen which led to data theft of as many as 70 million customers. The huge security breach appears to have been part of a broader and highly sophisticated scam that potentially affected a large number of retailers. Target was actually just one of six hundred publicly disclosed data breaches in 2013. So what are he main lessons learned from the Target security breach and will it change non-cash payment methods in future?

1. Credit cards offer better fraud protection

It is important that consumers know how credit and debit cards differ when it comes to fraud protection. The most important difference is that credit cards provide better fraud protection than debit cards. If someone was to steal your debit card they are stealing your money and you would have to argue with the bank to get it back whereas with a credit card, they are essentially stealing the bank’s money.  The law limits responsibility for unauthorised debit card charges to $50 if you notify the bank within two days. For those of you that don’t check your bank statement regularly, if you don’t report fraud within 60 days of receiving your statement, you could lose all the money that was stolen. However, credit cards have zero liability policies so the card owner will never lose a penny to fraud. In that case, why would anyone use a debit card? Well, not everyone qualifies for a credit card and some people that do, chose not to have one to reduce the risk of debt.

2. A security freeze won’t always protect you

After the Target security breach, experts advised customers to put a security freeze on their credit report. This would be the right thing to do if social security numbers had been stolen as it presents the thief from opening new accounts in your name. However, in the case of the Target security breach, it did not make any sense. A security freeze does not prevent fraud on an existing account nor can it stop someone using a stolen card number to shop online or clone a new card to use in store.

3. Will changing your PIN number make a difference?

Target confirmed that encrypted PIN numbers were stolen during the breach but does that mean you should change your PIN if you’re a victim of credit or debit card fraud? Changing it will prevent thieves from withdrawing cash from an ATM using a stolen debit card. To be completely safe, other measures must be taken. Customers need to ask their bank to issue them with a new PIN number.

So, will Target’s massive data breach change non-cash payments for good? Some believe that using cash is the only solution. However, it’s apparent that debit cards aren’t going anywhere anytime soon. The answer is simple; more fraud protection needs to be guaranteed for debit card holders. Perhaps one thing might change, increased information sharing among payments companies may lead to better security and perhaps the breach will lead to adoption of end-to-end encryption systems but time will tell.

About the Author

Piyush Bhatnagar

Piyush is the Chief Technology Officer and Founder at Authomate. Piyush founded the company in 2012 to simplify online security and bring strong authentication to every aspect of life without any added complexity. His responsibilities as CTO include leading innovation, developing product vision and product development.

Piyush is a seasoned technology executive, entrepreneur and consultant with experience in technology development and management. During his 25 year career prior to starting Authomate, he worked for defense, information technology, and network security companies, where he built an extensive resume managing global software teams and executing product strategy.

View all posts by Piyush Bhatnagar

Leave a Reply