This past weekend, Chuck Rubin, the CEO of Michaels, the country’s biggest arts and crafts stores issued the following statement: “We are concerned there may have been a data security attack on Michaels that may have affected our customers’ payment card information and we are taking aggressive action to determine the nature and scope of the issue.” Thus Michaels becomes the third large national retail store chain to become involved with a major hacking of its credit and debit card data following Target and Neiman Marcus. What Michaels’ short statement did not indicate is that the company is still not even sure that it has been hacked although every indication is that it has been. As in the case of the hackings of both Target and Neiman Marcus, it was not the company that discovered that its security had been breached, but rather the banking industry which discovered a pattern of fraudulent purchases using credit and debit cards recently used at Michaels. So although the evidence is pretty strong that Michaels has been hacked, security experts and Michaels have still not been able to identify how the hacking occurred, which is indeed troubling because it means that newer and even more advanced malware was likely used to perpetrate the hacking. As I told you just a couple of days ago, you can expect to hear this story again and again in the new year.
Once again, I want to advise you that you should limit your debit card’s use to ATM machines. Do not use it for retail purchases because the consumer protections provided to you by law just are not as great as they are for fraudulent use of your credit card. Also, as I advised you previously, you may wish to consider putting a credit freeze on your credit report at each of the three major credit reporting agencies to protect you from an identity thief getting access to your credit report in order to use your credit to make large purchases in your name. you can find detailed instructions as to how to put a credit freeze on your credit report by clicking on the link designated as “credit freezes” on the right hand side of this page. Finally, for your own protection of your computer, smart phone and other electronic devices, you should make sure that you have installed anti-virus software and anti-malware software. You should also make sure that you keep this software current with the latest updates as soon as they are available, however, as the situation with Michaels illustrates, new strains of malware are always at least thirty days ahead of anti-malware software to protect you from those malware programs so you should always be wary of phishing and other techniques used to lure you into unwittingly downloading malware. You can learn in detail how to protect yourself from phishing and other threats by reading my book “50 Ways to Protect Your Identity in a Digital Age” which can be ordered by clicking on the icon of the book on the right hand side of this page.