Sooner or later, your credit card number will be stolen

Jul 24, 2012

Have you ever received a letter from your bank stating "we have learned that some information from your credit card account may have been compromised at an undisclosed third-party location"?

Financial commentator Greg Heberlein and KPLU's Dave Meyer had their cards canceled and replaced by the same bank in recent weeks. They gripe about it on this week's Money Matters, and offer tips on how to minimize the damage.

Credit cards are extremely useful in this digital age of ours. You can automatically pay bills with them and shop for just about anything in the world online.

However, that convenience comes at a price. Stolen credit card numbers are a hot commodity in the Internet underworld, and cyber criminals are working 24/7 to steal your info. Millions of card holders are affected by these thieves every year.

Fortunately, consumers usually don't get stuck with the bill. Federal law limits your liability to $50 for fraudulent credit card charges, and many cards offer zero liability.

Of course, somebody has to make up for all that stolen money. We all pay for it in higher interest rates and fees from the card companies, and higher prices from merchants.

But even though you don't have to directly pay for all those fraudulent charges, a credit card data breach can cost you a lot of time clearing up the situation and updating your automatic bill paying options. Canceled cards can cause missed payments. It's a hassle!

Here's Greg's stolen credit story:

Earlier this month, I went online to purchase an item from a seller I had dealt with many times, including two weeks earlier. My credit card number was stored at that site, so I didn’t have to enter it. Three times I tried to make a purchase, even deleting my card number and re-entering it. No luck.

So I called the card issuer. A security breech had occurred, and my card was canceled. After many minutes uselessly going round and round with the clerk, I was transferred to the fraud department.

For privacy reasons, I could learn almost nothing about what caused this. But I was told the number of cards affected this way had roughly doubled in the previous two weeks.

The problem wasn’t that my account was hacked; it was because many, many accounts were hacked. Someone got into someone’s card system and stole a lot of data.

Dave was luckier than Greg. His card was canceled and replaced before he even knew there was a problem. Fortunately, the card was one he kept only for emergencies and wasn't used to pay bills. 

How can you avoid this sort of trouble?

The only way to dodge it completely is to cancel your cards and throw them in the shredder. But very few of us are willing to go with "the nuclear option".

The main thing you can do is remain vigilant.

It’s a good idea to check your card purchases on a regular basis to uncover fraud as soon as possible. Don't just wait for the monthly bill. That way, you can notify the bank sooner. Greg recommends checking daily, but Dave isn't that paranoid and tries to do it weekly.

If your card doesn't offer zero liability for fraud, you might want to trade it in for a card that does. $50 is a small price to pay for a data breach, but why pay it if you don't have to?

Credit card fraud is closely tied to identity theft. Here are some precautions you can take:

  • Don’t carry cards you don’t use, or rarely use.
  • Don’t carry receipts, passports, social security cards or birth certificates.
  • Don’t keep a blank check in a wallet that could be stolen.
  • Leave passwords locked in a safe place.
  • Copy your Medicaid card, black out the last four SSN digits and carry the copy.
  • Keep your computer antivirus software up to date.
  • Learn how to recognize phishing scams.

In the end, we all have to accept the fact that, eventually, our card numbers will be stolen. But by taking a few simple precautions, you may be able to head off some nasty surprises.