Posted on 01/11/2014 7:11:32 AM PST by TurboZamboni
Target's disclosure that hackers stole customers' names, home addresses, phone numbers and email addresses suggests that the crime was an inside job, a fraud analyst said Friday.
The new batch of stolen identity information -- from up to 70 million additional Target customers -- is not stored on the point-of-sale devices used to pilfer the payment card data, said Avivah Litan, a fraud analyst at information technology firm Gartner.
The fact that the thieves got access to a second data source makes it more likely they had the help of an insider.
(Excerpt) Read more at twincities.com ...
I tried to buy a bottle of wine at Target a couple of months ago and the cashier wanted to card me and scan my driver’s license—even though I am clearly over 40.
I made a big fuss and refused to let him scan it. I wonder how many people have their licenses scanned in situations like this ? Is this information stored? I assume so.
What can a crook do with a copy of a driver’s license and a credit card?”
BOL! On my 65th birthday, my wife and I were shopping at Walmart, and I bought a bottle of wine, and the clerk carded me.
I thought my wife had served in the Navy instead of me re her remarks to the clerk. An asst. manager, came up to calm my wife down.
That Walmart had been targeted by the State Alcohol Beverage people and put underage people in the store to buy liquor. Two clerks lost their jobs due to selling alcohol to minors. So they were on a big alert.
A younger relative, who used to work for a credit card company’s fraud division advised us to never sign the back of a card with our signature. Instead, he said to put down, “See Photo Id”, aka drivers license.
Then, he said never let anyone scan your drivers license.
Have it under a clear plastic attachment so the clerk can see it. If they want to scan it, tell them to keep their purchase.
He, also, said to never etch your driver’s license on a valuable. If you had etched it, you need to block out the numbers.
A driver's license and birth certificate establishes identity and citizenship for just about any purpose. I would think it would be easier to finagle a birth certificate. All someone has to do is find out where you were born, then go to the town hall and pick up an embossed copy.
With those three things, they're good to go.
"Duh"
I’m sure that it was not some rogue employee. When I made a spectacle of myself the manager came over and defended the employee. (”It’s policy”.)
Re the 110 million customers hit, there are other areas of disclosure, most of us are not happy with:
http://www.startribune.com/business/239599471.html
“Target reveals more customer data exposed in breach”
‘The size and scope of the consumer data heist from Target Corp. last month is much greater than previously thought, with up to 110 million people at risk by the exposure of credit and debit card numbers, as well as mailing addresses, e-mails and phone numbers, the company said Friday.
The revelation means that the data breach may be the largest ever involving a U.S. retailer and could lead to more complex types of fraud and identity theft for many of those affected.
“It’s big, it’s ugly, and it’s not fun for anyone but the bad guys,” said Jacob Ansari, a data forensics investigator at 403 Labs LLC in Brookfield, Wis.’
It’s the size, 110 million, that has red flags up for me. How many shoppers are there in the US? Subtract out kids under 16, and it really means that at least 1 out of every 3 adults bought something at Target.
That doesn’t pass the smell test for me.
At checkout the O’Reily auto parts clerk asked if I wanted to join their club card. I said no, I already had too many.
Clerk said he had too many also.
“Target stores are retail stores in the United States that sell variety of merchandise. There are over 1725 target stores in the United States. The very first target store was opened in Roseville, MN in 1962. “
If there have been 110 million purchases in these 1725 stores, that means there 64,000 unique customers per store.
I don’t know what time period this was supposed to have occurred over, so I can’t go further.
The data appears to be coming from Target.
If you want to read it again.
If not, as Jim Rob would say, “Whatever!”
Beat me to it. That's 1/3 of the entire population... every man, woman, child and illegal. That 110 million simply doesn't make any sense. There is no way there are 110 million people with cards out there. Was this number based on transactions with Targets cards, transactions with other cards, transactions with BET cards, transactions with checks or transactions online using every means of transactions imaginable or Target's data from mailings and those annoying "can we get your phone number"? No way did 110 million people make purchases in two and a half weeks. IOW, this is ALL of Targets' records meaning if you purchased something 10 years ago, you've been got. This isn't passing the smell test. Dry run by the NSA or whatever alphabet agency? Or another country or terrorist group? This wasn't done by a guy living in mama's basement. Was the initial date gathered in those two and Are we soon going to hear that the entire banking industry has been hacked?
I’m wondering if they got one piece of data, if that would chain into more and more pieces of data? Say you used card A at Target. Would that open up links to cards B, C and D in your wallet? And if your spouse’s name was on any of them, would it open up cards X, Y and Z in their wallets. Then you signed for Junior and Juniorette to get cards when they got of age and this eventually wiggled it’s way into their data, too.
I’m in the fortunate 66% unaffected. Some time ago, I tried to purchase something on line (towels, maybe) from Target but their website demanded that I reconfigure my settings to accept their cookies before I could even browse their site. I thought, if they’re that intrusive, then I don’t need to do business with them. Now I’m glad I didn’t.
Nice try, but no I don't work for one. Stuff like address, email, phone number is stored on other systems run by the credit card companies. After all, if you move or change your phone number the company doesn't issue you a new card. The fact that customer specific information was obtained does not mean that it is stored on the card, it means that the systems containing that information were penetrated.
Grocery stores with customer perk cards now likely provide requested data to insurance companies to comply with some nuanced part of the thousands of pages in Obamacare . That way they can base your rates on the foods and things they see you’ve been buying. Nothing is private any more.
It’s standard practice for me to get a “customer perks” card using an invented name. I like using Chick Hearn and the Laker’s ticket line phone number and arena address when I sign up. Must be a TON of junk mail going to my alter ego. Never give in.
10-4 on that. About 10 years ago when Jewell Foods started the card thing in the Chicago area, I suspected as much and refused to get one. The checkers would reluctantly scan a store card for me to get the discounts.
I objected to the card on the grounds that it was an invasion of privacy. I gave examples of my concern that someday, the government might decide whether or not I was entitled to a particular medical treatment based on my database. Most people thought I was being paranoid and there would be no database. But, look where we are today.
By the way, I contacted the Jewell headquarters, they admitted keeping such data on individuals. To Jewell's credit, they ceased the card program last summer.
“The fact that customer specific information was obtained does not mean that it is stored on the card, it means that the systems containing that information were penetrated.”
How was our personal data obtained?
‘
Why/how did this ‘coincidence of penetration’ happen when the cards were being scammed in what appears to be a massive inside job?
We may find out just what is really on mag strip on our credit/debit cards.
Again, how was our personal data was obtained during this ‘coincidence of penetration’?
The Target collapse re data breeches is just one of many such problems, aka the tip of the iceberg:
http://www.freerepublic.com/focus/f-news/3110887/posts
Target Stores security breach just the tip of the iceberg
American Thinker ^ | 01/12/2014 | Rick Moran
Target has increased the estimate for the number of customers exposed in the massive hacking attack between Thanksgiving and December 14. It now appears at least 70 million consumers had their credit cards compromised.
Also, Neiman-Marcus announced that they, too, were victims of a cyber attack over Christmas. And in an exclusive report, Reuters is saying that several other well known retailers were also hacked over the holidays.
Neiman Marcus said an outside forensics firm discovered evidence on January 1 that indicated the retailer had been the victim of a cyber attack. It disclosed the breach nine days later, after another inquiry from Krebs, who was following up on reports about a surge in fraudulent charges traced to the retailer.
Target and J.C. Penney Co Inc. waited more than two years to admit that they were victims in 2007 of notorious hacker Albert Gonzalez, who was accused of masterminding the theft and reselling of millions of credit cards and ATM numbers.
During his trial the companies were represented by lawyers who did not identify their clients as Target and J.C Penney.
Doug Johnson, vice president of risk management policy with the American Bankers Association, said banks and credit card firms like Visa are forbidden from naming merchants that have been breached, unless they disclose it themselves.
Excerpt go to the link for full story:
http://www.freerepublic.com/focus/f-news/3110887/posts
- Those Obamacare website “Navigators” seem to have figured that that credit card and Social Security info they asked for is giving them a big Chicago style “piece of the action” in the Target Stores scams…..
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.