LC shoppers should be alert after data breach

By By Justin B. Phillips / American Press

During Target’s data breach earlier

this month, information associated with an estimated 40 million credit

and debit card

numbers used at the retailer was stolen between Nov. 27 and Dec.

15. The massive breach is believed to be the second-largest

of its kind in U.S. history. In the early 2000s, T.J. Maxx’s data

system was similarly compromised. With nearly 1,800 locations

across the U.S. including one in Lake Charles, the data breach

might have affected residents all over southwest Louisiana.

The data involved in the incident included the customer’s name, credit or debit number, the card’s expiration date and the

security code. Debates still rage over whether PIN numbers, encrypted or unencrypted, were stolen during the breach.

Paul Hartwick, a spokesman for JPMorgan

Chase Bank, N.A., was one of the first bank representatives to speak

publicly in an

interview after the incident. The bank, which does business under

the name Chase, is one of the largest credit card issuers

in the U.S.

“The best way to figure out whether

your account has been breached is keep an eye on your account. Look for

transactions you

don’t recognize. The good news is that Chase and many other

banking institutions will not hold you liable for these charges,”

Hartwick said.

Still, personal banking information

from millions of Target customers is floating around the internet and

finding its way

onto underground websites known for selling that type of

information. These black market sites are known as “card shops,”

stores in cybercrime forums known as places where people can buy

credit and debit card information. The sites are often quickly

taken down, moved and renamed so the content creators can avoid

any type of prosecution.

Two of the remaining functioning sites

selling this information, much of it coming as a result of the Target

data breach,

are kaddafi.hk and octavian.su. Both sites require creating a

login and password before being able to access any of the information.

As of Saturday afternoon, both of the sites were functioning.

One of the sites, kaddafi.hk, has a

reputation for selling quality “dumps,” data stolen from the magnetic

strip on the backs

of debit and credit cards. Once logged in, the user can search for

card information by selecting the bank, searching a portion

of the card number or even by the city the information came from.

On this particular site, Lake Charles was an option in a

drop down menu listing dozens of locations.

Sulphur resident Lane Matte reached out to the American Press after hearing about the websites. Even though he didn’t shop at Target this year, he said he knew family and friends that

used the retailer, and he was concerned they may have been victimized. He also said he wanted to spread the information to

as many local residents as possible.

“The day I saw the website, there were

10 pages of 50 cards from Lake Charles,” Matte said about one of the now

defunct websites.

“So there were over 500 cards on there from the area.”

On kaddafi.hk, there were seven pages

of 50 cards when selecting Lake Charles as the location Saturday. Since

it isn’t possible

to find bank information based on the buisness the card was used

in, Matte said he was encouraging people to try to creatively

match their informtaion.

“I told them that if they see a card

that matches their card’s expiration date, search the date the card was

stolen and put

it in on the site,” Matte said. “They should then check their

receipt from the store to see if it matches the date the site

says it was stolen.”

For local residents still concerned

about the safety of their card information and who have yet to check

their accounts, there

are several steps that can be taken, beginning with contacting

your banking institution. Steps to protect yourself from identity

theft can also be found at the Federal Trade Commission’s website,

www.consumer.gov/idtheft.