Credit Card Security Breaches

[AZZenny]

About a 4-5 weeks ago I was contacted by Capital One to verify some purchases on my CC. They're slick the way they do it, run a bunch of innocuous ones by you and then slip in the "WTF!?!" one -- I apologized for being so snotty while they asked me about the normal ones (I mean, if they don't know where I buy clothes or wine online by now...) because they'd rejected the $1500 attempt on Air Canada, correctly. They suggested that since someone had enough info to try to buy a (presumably international) plane ticket, I ought to assume they had gotten a lot of my personal info.

So got a new card, and went along happily. They called a couple days ago again, but everything was legit (I had just gotten something a bit pricey online from Canada, though.)

This morning, my Credit Union calls about a possible fraudulent use of my CU credit card. This time someone tried running what they called a "probe" for a tiny amount (like $2 and change) for spa purchases someplace that probably doesn't exist, and the card was automatically declined. Gotta cut that card up now, too, and get another new one.

Couple questions:
1. The CapOne card I use a ton, so I figured it could have been compromised a lot of ways. However the CU card I use maybe a dozen times a year, so much less clear how it got lifted. The guy from the CU seemed to think because of the nature of a 'probe' and that I use it so rarely that it was likely some 'downstream' security breach at a company that had the card number and info on file -- like when thousands of accounts are stolen -- and unrelated to the Cap One issue last month. Does anyone knpow if that makes sense?

2. I'm half-tempted to cancel any credit cards I have -- from my main bank, gas cards, dept stores, etc -- and start over from scratch, but man, what a hassle if that's overkill. I use most of these cards irregularly or on a very limited basis. Advice? Should I maybe contact my main bank cc and alert them to watch out for fraudulent purchases?

3. Should I do anything to notify anyone else, like credit bureaus? PayPal? Change all my passwords to everything online?

Thanks

 

[LVG]

My personal opinion:

The compromise of your CU card is an indication that the breach may be larger than you thought. You have two options:

1. Cancel the CU and CC card and watch everything carefully;
2. Go full nuke'em and reset everything.

You can contact the credit bureaus and have them put you on Fraud Watch, which is where they basically lock down your credit report. Anyone who runs your credit (IIRC) or tries to open an account is pretty much told they're locked out. I think it's good for 30 or 90 days.

I'd also scrub your computer, and then change the passwords. I had a situation happen to me several weeks ago where I just got a new debit card, ordered something online, and within 2 days probe charges from the Ukraine started showing up. I had to nuke the card, then my computer (I think it was leftover from a virus I had about 6 months ago), then changed all my passwords.

Better to be safe than sorry, IMO.

 

[conraddobler]

DON'T CANCEL ALL YOUR CARDS!!!!

At least not at all lightly.

Dave Ramsey forgive me.

Your credit score can nuked if you do that.

http://www.bankrate.com/brm/news/cc/20061114_cancel_card_credit_scorea.asp

Once you have an account with anyone it's better not to cancel it unless you have to, you can monitor these things relatively well and also most cards have features that will email alert you to any charges over x.

If you have a complete breach of your information then someone could start opening accounts in your name which is what the monitoring will alert you to, any new inquiries and any new accounts will show up quickly on the emaill reports.

better solution IMO is cheap credit monitoring, something like each credit reporting company sells. You can always work with your card holders too and take their advice but just beware closing down a card and then re-opening it, if they do it wrong you'll lose credit for all the history you have on the account. Credit scoring is a bit more complicated than a lot of places tell you. You have no choice if a card is lost or stolen many times but if the company you're working with really cares IMO their customer service should put the new card on your report correctly ie put back all the time rated on it.

If you just cancel one and open a new one incorrectly it looks like a brand new card if done wrong which can impact your score.

I recommend reading this

http://www.myfico.com/CreditEducation/

http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre07.shtm

http://finance.yahoo.com/banking-bu...hat-affect-your-credit?mod=series-m-article-c

That last one length of account is what I was talking about when one is canceled and replaced.

http://www.transunion.com/corporate/personal/creditTools.page

This monitoring also comes with a free credit report every so often so you can pull one on yourself and review it to make sure that you're the only one using them and they're all ones you've opened.

Your credit score affects more than you think, It can affect insurance car and home owners and of course any loans you might get.

Chances are someone you swiped your card or gave it to way back whenever is who might have done the probing or sold it to someone who did, if one more card starts doing funky things then I'd say you have a more serious problem but the monitoring will usually catch this fast enough you can alert your card holders.

Try to avoid using a wirelessly connected computer to input your credit information over, don't let people get out of your sight with a card, make sure they give it back quickly, CELL PHONES HAVE GREAT CAMERAS NOWDAYS.

Hope this helps.

 

[AZZenny]

LVG and conrad, thanks -- that's very sensible info, esp conrad's caution about screwing up my credit. I will work over my computer, change passwords, and notify the other major card I use, and look into the credit/identity monitoring thing -- I think CapOne offers one at a fee, and their fraud people have been extremely sharp IMO.

The thing I keep thinking about is that 35 years ago when my mother-in-law and I flew back from 7 weeks in China and Japan, we landed in Hawaii to change planes, and I was detained literally on the tarmac and grilled by some sort of U.S. officials for 10-15 minutes while they ran additional checks -- they would only tell me my name, including the slightly unusual spelling, had been flagged for the primitive version of a no-fly-list (or maybe it was Interpol, who knows - I was jet-lagged, bewildered as hell, and indignant).

I sometimes wonder if I've had a criminal or terrorist doppelganger out there all those years -- although if so, Israeli security would have let me know in spades, I have no doubt.

 

[Shane]

http://www.arizonasportsfans.com/vb/showpost.php?p=2421116&postcount=6169

Here's this weeks sob story from me zenny. Sorry to hear that.