Mike Cote's Business Editor's Notebook: Target hackers hit the bull's-eyeBy MIKE COTE
December 21. 2013 8:55PM
IF YOU'RE as old as I am, you remember the days when people like my Nanny would visit her bank to purchase a crisp $5 bill to insert in one of those money cards that featured a cutout window that could show off Abe Lincoln's mug.
At Christmas and on birthdays - and on St. Patrick's Day, thanks to the Irish mixed in with our French Canadian blood - my two brothers and sister and I would receive five dollars each that somehow always seemed worth a lot more than that.
All sentiment aside, we certainly didn't have to worry that some cyberhack in a far-off distant land might snatch that money from the envelope before it arrived in our mailbox or that it might vaporize after we opened it.
We've been saying goodbye to cash in the digital era, swiping our debit and credit cards for everything from gas and groceries to a footlong sandwich at Subway. And the convenience comes with considerable risk, as we learned Thursday when Target announced that 40 million debit and credit cards may have been vulnerable to illegal access in recent weeks.
The breach occurred when a computer virus infected Target's point-of-sale terminals, according to Bloomberg News, which cited an unnamed source "familiar with the matter."
We're all about to become more familiar with the matter as the swiping technology thought to be less risky than shopping online reveals its weakness and alerts us that checking our banking and credit card accounts daily to monitor activity is the cost of being a consumer in the 21st century.
Within hours of the news breaking, Target was promptly sued by a shopper who filed a lawsuit in federal court in San Francisco, accusing the nation's second-largest retailer of invasion of privacy and negligence. The suit "claimed the stolen data may permit the counterfeiting of cards by encoding the information onto any cards with a magnetic strip, and may have also reveal customers' personal codes for debit cards," Bloomberg News reported.
And we can bet more such suits will come, as the shoppers who visited a Target store between Nov. 27 and Dec. 15 discover someone has plundered their bank account or run up their credit card. It's already hit home in the Granite State: Gina Sekula of Grantham said she lost more than $400, thanks to someone who hacked her debit card after she stopped at Target after Thanksgiving.
"You think you have money in your account, and then you have nothing. You have beyond nothing," Sekula told WMUR. "It's incredibly frustrating."
We can only guess what she meant by "beyond nothing," but it probably has something to do with the feeling of helplessness that comes with getting your identity stolen. A friend of mine recently got a call from his credit card company, which wanted to make sure it was he who had racked up a hefty bill at Nordstrom and had dined at a restaurant in Massachusetts twice in the same week and run up large tabs, which set off a red flag.
The answer, of course, was no. Fortunately for him, the thief had access to his credit card rather than his debit card, which is easier to clear up than a hit to your bank account, which could leave you broke and bouncing checks while you work with your bank, as it reportedly did for Sekula.
While cash may become king again for awhile, once the panic dies down, we'll continue our reliance on plastic cards, 16-digit account numbers and three-digit security codes. We've gone far too digital to become more reliant on paper money, but we need better technology to protect our assets.
As Bloomberg reported, many countries have replaced those magnetic strips with chips embedded in the credit cards that reportedly are tougher to crack. It cited a source who said U.S. credit card companies are scheduled to replace those strips by 2020 but might now act sooner.
For people like Gina Sekula, that's many days, many dollars and a lot of heartache short.
Honest Abe would agree.
Mike Cote is business editor at the Union Leader. Contact him at 668-4321, ext. 324 or firstname.lastname@example.org.