Global Payments Inc., which processes transactions for major card companies including Visa and American Express, announced Friday that hackers broke into their systems and stole up to 1.5 million card numbers. The company also said that hackers did not access names, Social Security numbers, or addresses.
It’s not the first time a major company has announced such a breach, but it’s among the more concerning electronic break-ins, because so many Americans are affected and because of the potential fall-out. If hackers have credit card numbers, then they can potentially recreate cards and use them to fraudulently make charges on cardholders’ accounts.
Investigators are now working overtime to make sure that doesn’t happen, but in the meantime, consumers can take some steps to protect themselves and their identities. These seven strategies can reduce your chances of becoming a victim in the wake of this breach and future ones:
1. Pore over your accounts statements like an archaeologist on an ancient dig. The first sign of trouble is often a charge that doesn’t look familiar. Hackers sometime make “test” purchases before bigger ones to see if they can get away with it. Be on the lookout for any charges, big or small, that you didn’t make. If you see any, call your card company right away and report it. As long as cardholders report fraudulent charges within a reasonable time frame, then they are seldom responsible for them.
2. Choose hard-to-guess passwords. Simple words or common names are easy to guess. Same goes for using children’s names or birthdays, which many people might know. Instead, create a long password that combines numbers and letters, which can be easier to remember if it represents a sentence or other mnemonic device.
3. Don’t re-use the same passwords on multiple sites. It’s tempting to aid with memory, but reusing the same passwords can create a major problem if one site experiences a breach. When hackers broke into Zappos’ systems earlier this year, anyone who used their Zappos password on an online bank account or email account suddenly had to change those passwords, too, or fear a break-in.
4. Change your passwords with the seasons. Experts generally recommend changing passwords on online accounts every three months or so; for financial accounts, it should be closer to once a month.
5. Don’t use your smartphone for financial transactions. Unlike computers, many smartphones lack virus-protection software, leaving mobile devices vulnerable to attacks. That’s one reason to avoid conducting financial transactions or even using your smartphone’s browser to login to your bank account. The apps created by financial institutions, on the other hand, often come with built-in protection for safer browsing, so if you’re going to bank on a mobile device, use an app and not the built-in browser. Still, security experts warn then even apps contain some security holes.
6. Enable password-protection on your smartphone. If you store any passwords in your email or elsewhere on your phone, than hackers could quickly break into your financial accounts if they had your smartphone. Password-protection can help guard against this.
7. Avoid over-sharing on social media sites. People often share their photos, birthdays, and other personal data on Facebook and Twitter, which can make it easier for fraudsters to guess passwords, or even use photos for nefarious purposes. Experts suggest thinking twice before sharing personal details, including when you’re on vacation so potential thieves know you’re not home. Also, avoid “friending” strangers.
Global Payments says it will continue to update the public on the situation as it gets more information. Consumers should also be on the look-out for any instructions from their card-issuers about other steps they need to take, such as closing down accounts and opening up new ones.