DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Is Target’s offer of an Experian-only ID theft product good enough?

Posted on January 13, 2014 by Dissent

idRADAR has some comments about Target’s offer of an ID theft product. I found it interesting to read because I wouldn’t have realized that what Target negotiated was not the usual kind of product that checks all three major credit reporting databases – Experian, Equifax, and Transunion. The plan Target arranged with Experian only checks Experian’s database.

Read the article and see what you think.

Category: Business SectorID TheftMalwareU.S.

Post navigation

← What Happens in the Hospital Doesn’t Stay in the Hospital
NC: Ex-Alamance County employee pleads guilty in identity theft case →

11 thoughts on “Is Target’s offer of an Experian-only ID theft product good enough?”

  1. IA Eng says:
    January 14, 2014 at 12:12 pm

    OK, Target gets hacked. They steal credit card data. They may get some Personal Information, but not alot. So – whats ID Theft have to do with a credit card hack?

    The companies that offer this sort of service just want to appease the customers and make them feel like they are getting something “free”. A year’s worth of service is nice, but utterly worthless if the crooks just have a CC number that eventually will get replaced.

    I think the companies should pay the card companies the fees to replace all of the cards that were affected, and its done in a timely manner. Timely, as in like as soon as humanly possible, like 1-2 working days after the breach, the cards are being procesed. That way, the hack is about worthless.

    Sure there will be miscreants out there buying up bad CC numbers and attempting to use these numbers once the dark side posts them on the evil websites. But a bank – hopefully knowing of the breach will not process the CC payment, letting the card die on the vine.

    It would be so much easier if the card had an extra set of four digits. These could be random numbers, much like they are on a RSA style token. Upon using the card online or at a counter our ATM, the extra numbers have to be punched in via keypad. It would be like a one time passcode that must match what the processing side sees as well. Failure to do so after 2 attempts means a potential fraud alert is generated.

    The longevity of the cards is probably too long as well. I think CC’s should be good for no more than 2 years, which will shorten the chances of the card becoming compromised. The card would need to have security features built in to detect tampering.

    Obviously the way that the financial institutions are doing “business” is making the crooks rich, and then the financial institutions are raising rates to offset losses. A newer way of doing business won’t come about if the “old way” is producing the financial institutions enough revenue to offset any losses. If they are making Billions off interest charges, then in their maind they are proably thinking….why change? Business is good, so they are good with the way its working.

    The way of the CC propaganda process is broke.

  2. Bill Stark says:
    January 14, 2014 at 1:16 pm

    Remember that 70,000,000 records were exfiltrated by hackers of Target. This includes other personal information beyond credit card numbers — personal info which can be used to steal identities. This is bigger than credit card fraud.

  3. Alois Hammer says:
    January 14, 2014 at 2:11 pm

    idRadar:

    Site under maintenance
    What’s on Your ID RADAR?

    idRADAR is Coming Soon!

    1. Dissent says:
      January 14, 2014 at 3:13 pm

      Bad timing for their maintenance. I want a new law that says “If I link to you, you have to be there. Always. And. Forever.” 🙂

  4. rcrsv says:
    January 14, 2014 at 2:32 pm

    When you try to sign up for credit monitoring with Target, their site requires full name and email address.

    Then you receive an email from a sketchy looking domain, bfi0.com.

    A whois of that domain leads back to Epsilon in Irving TX, a direct marketing company.

    Epsilon itself had a massive data breach not too long ago, where they leaked personal information on millions of people who then suffered phishing attacks.

    Target never asked my permission to share my personal information with Epsilon.

    Now Epsilon has a list of people who were compromised in the Target breach. This shit has got to stop!

    If you want more info and screenshots I’m @rcrsv on Twitter.

    1. Dissent says:
      January 14, 2014 at 3:58 pm

      I’ve emailed Target and asked them to respond to the concern. I’ll post something if I get a response.

      1. rcrsv says:
        January 14, 2014 at 4:12 pm

        Here’s a thread where Target replies, but repeatedly doesn’t answer the question.

        https://twitter.com/rcrsv/status/423143048793427968

        1. Dissent says:
          January 14, 2014 at 4:15 pm

          I put the question somewhat differently to their corporate communications department. As I said, if I get a response, I will post it.

    2. Dissent says:
      January 16, 2014 at 12:43 pm

      Please see my blog post about this issue on the “mother ship,” PogoWasRight.org: http://www.pogowasright.org/at-risk-if-you-do-at-risk-if-you-dont-targets-problematic-privacy-policy/

  5. Jeanne Price says:
    January 14, 2014 at 5:39 pm

    Have to agree with all these comments about the idRadar News website being down for maintenance. AND IT WAS MY WEBSITE! It’s back now but I agree, Dissent. Links should work forever. And ‘brief maintenance’ should never drag on for 18 hours either!

    My biggest concern with the Target breach after studying it for over three weeks is what will happen if the hackers can match the stolen credit card numbers initially confirmed with the additional data loss involving info like email addresses announced last Friday. The possibilities are gruesome. The credit card numbers are actually a lesser concern in my mind. Still waiting to hear whether Target’s somewhat small offer of credit monitoring will extend to those who lost email addresses etc. They do not have the same financial loss protections as those who experienced fraudulent credit card charges.

    1. Dissent says:
      January 14, 2014 at 5:50 pm

      My understanding is that yes, it is being offered to the “70 million,” too. Their FAQ on the free credit monitoring offer says:

      Who is eligible for free credit monitoring?
      All Target guests who shopped in U.S. stores can take advantage of one-year of free credit monitoring.

      I’m not thrilled with the diluted credit monitoring they’re offering, though.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.