What To Do If Your Credit Card Account Has Been Exposed In A Data Breach | CreditShout

What To Do If Your Credit Card Account Has Been Exposed In A Data Breach

By Dan Rafter / June 20, 2011
Experian Breach Exposes T-Mobile Customer Data


Credit Shout may collect a share of sales or other compensation from the links on this page.

The news earlier this month that cyber thieves were able to nab the contact information and credit card numbers of about 1 percent of Citigroup’s customers has made credit-card holders nervous. And why not? Data breaches in which criminals are able to hack onto the online homes of major banking companies have become distressingly common.

The good news, though, is that you can take steps to protect yourself even if hackers are able to steal your account information.

And all you’ll need to do this is a bit of common sense.

The Crimes

The Citigroup data breach is the latest in a series of high-profile online data thefts (Don’t forget about the troubles that the online PlayStation Network suffered in April with its own security breach).

In the CitiGroup case, computer hackers in early June breached the bank’s security systems and gained access to the data of about 200,000 credit-card customers in North America.

The fear now is that these criminals will try to gain the security codes and expiration dates that they need from these customers through phishing attacks, in which they try to trick customers into willingly giving up their most personal data.


When there’s a big security breach, as with Citigroup, the best way for customers to protect themselves is to learn the secrets to avoid becoming the victim of phishing schemes.

In a typical phishing scheme today, cyber criminals send e-mail messages to potential victims that look as if they’re coming from Citigroup, Bank of America, Discover or other legitimate financial services companies. These e-mail messages often have the logos of real financial companies included in them.

The e-mail will ask victims to provide data such as their credit card numbers, security codes or Social Security Numbers in order to prevent an immediate shutdown of their credit-card or banking accounts.

Of course, this is all a trick. As soon as victims send their personal information, the scammers can go to work making fraudulent purchases or emptying victims’ bank accounts.

Here’s the Key

No legitimate financial institution will ever ask you to provide personal account information by e-mail. Think about this: Your financial institutions already have this information. Why would they request it by e-mail?

No legitimate financial company would ever threaten to shut down your accounts by e-mail, either.

If you receive one of these e-mail messages, delete it or, if you’re unsure about its legitimacy, call the financial company from which it’s supposed to be coming. Ask them if your account is in danger of being shut down or if you need to provide account information. Just make sure to contact your financial institution through a customer service number that you know is legitimate.

Other Steps

Once you brush up on your phishing-avoidance skills, you can then take other steps to prevent yourself from falling victim to an online scammer.

Make sure, for instance, to change your online banking passwords often. And make sure the passwords aren’t easy ones to guess, such as the street on which your live or your birthday.

Don’t use the same passwords for different online banking sites, either. A scammer who nabs your password at Citigroup might decide to type it in again at your Discover Web portal to see if it works.

Check your credit-card account statements for purchases that you don’t remember making. And never provide personal banking information when someone claiming to be from Bank of America, Citigroup or another financial institution calls you to ask for it. This is another sure sign of a scammer: Your financial institutions will never call you up to ask for your account information. (If you call them at a legitimate number, though, you will have to provide your account number — usually — before doing business.)

Data breaches are undeniably frightening events. But with just a bit of common sense, you can protect yourself even if your favorite bank has suffered a security breach.

The editorial content on this page is not provided by any of the companies mentioned and has not been reviewed, approved or otherwise endorsed by any of these entities. Opinions expressed here are the author's alone. Additionally, the opinions of the commenters are not necessarily the opinions of this site


Leave a comment: