After reports of a massive data breach at Target Corp. headquarters affecting over 40 million consumers nation-wide, the Massachusetts Office of Consumer Affairs and Business Regulation is reminding consumers who visited any Target store between November 26 and December 15 need to carefully review their bank and credit card statements immediately for signs of fraud or identity theft. 

Target has issued some information about the breach on their website corporate.target.com. Those who suspect there has been unauthorized activity on their cards should report it to their bank and credit card companies and call Target at 866-852-8680.

Target Corp. has nearly 1,800 stores across the country, all of which were allegedly affected by the breach.  The stolen information includes customer names, credit and debit card numbers, card expiration dates and the three-digit security codes located on the backs of cards. Target Corp. has stated that the data breach did not affect online purchases.

Businesses that experience a security breach and include the personal information of Massachusetts residents are required to notify the Office of Consumer Affairs and Business Regulation as well as the Attorney General’s Office.

Personal information is defined by Massachusetts law as the resident’s first and last name, or first initial and last name, in combination with one or more of the following: Social Security number, driver’s license number or state-issued ID number, financial account number (including insurance information), or credit/debit card number.

Consumers who believe their personal information may have been exposed to misuse should do the following:

  • Immediately change debit/credit card PINs: If your credit or debit card numbers have been compromised, thieves and scammers may try to empty bank accounts or make fraudulent purchases using the obtained data. 
  • Place a fraud alert on your credit report: Contact one of the three major credit reporting bureaus. The one you contact is required by law to contact the other two credit bureaus. This one-call fraud alert will remain on your credit file for at least 90 days. When you place a fraud alert on credit report, you are entitled to order one free credit report from each of the three nationwide consumer reporting agencies.

If you believe you are a victim of identity theft, do the following, of if t there is unexplained activity on your credit report:

  • Consider placing a security freeze on your credit reports: If you have been a victim of identity theft, and you provide the credit reporting agency with a valid police report, the credit reporting agency cannot charge you to place, lift or remove a security freeze. In all other cases, a credit reporting agency may charge you $5 fee for each placing, temporary lifting or removing of a security freeze.

To place a security freeze on your credit report, you should send a written request to each of the three nationwide consumer reporting agencies by regular, certified or overnight mail at the addresses below:

Equifax: Call (800) 525-6285, www.equifax.com, or write: P.O. Box 740241, Atlanta, GA 30374-0241.

Experian: Call (888) 397-3742, www.experian.com, or write: P.O. Box 9532, Allen, TX 75013.

TransUnion: Call (800) 680-7289, www.transunion.com, or write: P.O. Box 6790 Fullerton, CA 92834-6790.

The Office of Consumer Affairs and Business Regulation reminds consumers of the following steps they can take to protect their personal information.

  •  Review account statements regularly: By reviewing statements and tracking transactions online, you may be able to detect potential fraud and minimize its damage.  If you suspect a security breach, contact the companies you do business with immediately.
  •  Check your credit report regularly: Consumers are entitled to one free credit report per year from each of the three major credit reporting bureaus – Experian, Equifax and TransUnion.  You can get your free credit report at www.annualcreditreport.com.
  •  Do not use personal information for passwords: Avoid using birthdays or zip codes for bank account and credit card PINs, and do not keep passwords written down in your wallet.
  •  If there is unexplained activity on your credit report, place an extended fraud alert on your credit report. In order to do this, you need to file a police report with your local police department, keep a copy for yourself, and provide a copy to one of the three major credit bureaus.

The Massachusetts Attorney General has also issued an advisory about this data breach.

The Office of Consumer Affairs and Business Regulation is committed to protecting consumers through consumer advocacy and education, and also works to ensure that the businesses its agencies regulate treat all Massachusetts consumers fairly. Visit the Office’s website at www.mass.gov/consumer. Follow the Office at its blog, on Facebook and on Twitter, @Mass_Consumer