KNOXVILLE (WATE) – You may have noticed there’s been no arrest yet of the hackers behind the Target and Neiman Marcus data breaches in December. They haven’t even been identified.
In the aftermath of the breach, you may be wondering what you can do to protect yourself from the next group of hackers, wherever they may strike.
Weeks ago, Target removed the malware that compromised the credit cards of at least 70 million customers.
In that massive security breach, hackers accessed personal information on purchases made with debit cards from November 27 through December 15.
Target is offering all of its customers one year of free credit monitoring that includes identity theft insurance.
However, no arrests have been made in the data breach, which federal investigators believe originated in eastern Europe or Russia.
“Even if you find them, then you have to get them to the United States to prosecute them,” said ORNL Security Chief Greg Hinkel.
Hinkel is not an investigator, but he is a wizard at cyber security which he leads at the lab.
He showed us some binary data. It’s information like this that an attacker, or hacker, secures in a breach.
“They hack into their computer systems. They get the credit card numbers. They have to get rid of the numbers somehow, so typically they make those numbers available somewhere – some super secret site that only the bad guys know about,” said Hinkel.
He says then a broker enters the picture after seeing large amounts of credit card information available on the black market.
“They buy them up at some sort of discounted rate, and they either use the cards themselves or sell them off to somebody else,” explained Hinkel.
Barry Byrd, information technology manager at Home Federal Bank, says at the local level, most banks use a monitoring service that watches for out-of-the-ordinary card purchases or locations of the transaction.
“It looks for any unusual activity. Anything that is out of the norm it will pick up on, and it will assign a risk rating to that,” said Byrd.
Byrd says the service would then call you about any transactions that fall outside the risk boundaries.
So what can you do in the meantime to protect your personal information, since millions of us have a credit or debit card?
“The most important thing we can do as consumer is monitor our own accounts,” said Debra Smith, VP of Retail Operations at Home Federal.
Since banks have monitoring services that watch their customers accounts, banks give alerts to customers when data breaches happen.
Smith says it’s a good idea to change your PIN periodically, to take advantage of a free yearly credit report check, and to read your statements closely.
“At least once a month. I personally do mine, everyday,” she said.
The less-secure magnetic strip technology used when we swipe our credit cards here in the U.S. will soon be disappearing.
They’ll be replaced by the more secure chip and PIN card that has made credit card use in Europe safer. It has a computer chip in the corner called an “EMV chip,” which stands for Europay, Mastercard and Visa.
These new readers will likely roll out in the U.S. sometime in 2015 or 2016.