Military financial institutions have seen relatively few cases of fraud linked ot the data breach of the Target retail chain, but officials say the thieves may be taking a 'low-and-slow' approach to lull victims into complacency. (Steven Senne / AP)
At least two large military-affiliated financial institutions — USAA and Navy Federal Credit Union — say they’ve seen a few cases of fraud linked to the data breach of the Target retail chain that began Thanksgiving weekend and ended Dec. 15.
The fact that the numbers are “few” may be all the more reason for customers to be continually vigilant of their credit card and debit card accounts, whether or not some thief has already tried to make fraudulent charges, experts say.
“We believe that criminal rings are being very cautious and are taking a low-and-slow approach in using cards compromised in the Target data breach to avoid detection because they know that this is one of the most visible card breaches, if not the most visible, in U.S. history,” said Tom Shaw, USAA’s vice president of Enterprise Financial Crimes Management.
By law, if your credit card number is stolen, but not the card itself, you are are not liable for unauthorized use. If your debit card number is stolen, but the card isn’t lost, your are not liable if you report that fraud within 60 days after the statement is sent to you.
Many military-affiliated financial institutions contacted by Military Times said customers will not be held financially responsible for any fraudulent purchases made using their credit or debit cards.
Target, the nation’s second largest discount retailer, announced Dec. 19 that about 40 million credit and debit card accounts had been affected by a data breach from Nov. 27 until Dec. 15.
On that date, Target disabled the malware and began notifying its card processors and the payment card networks, who in turn have notified financial institutions such as banks and credit unions about the accounts that were compromised.
Target announced Jan. 10 that certain customer information such as names, addresses, phone numbers or email addresses, was stolen for up to 70 million people in the same data breach. The retailer is offering one year of free credit monitoring and identity theft protection.
USAA and Pentagon Federal Credit Union also are replacing all cards that were exposed in the Target breach.
It is unclear how many customers in the military community might be affected. But Security Service Federal Credit Union alone had 30,000 members affected out of its more than 900,000 members. The credit union started reissuing cards to those members within 36 hours after its officials were notified about the breach, said spokesman John Worthington.
Chase spokeswoman Nicole Kennedy declined to comment on whether any of the Military Star Rewards MasterCard customers have been victims of fraud traced to the Target breach.
Chase is issuing new Military Star Rewards MasterCard cards to customers whose account information was stolen. This does not affect the regular Military Star card, which can only be used on installations.
Navy Federal has had “very few reports of fraud connected to the Target breach,” said spokeswoman Jeanette Mack, and is reissuing debit or credit cards when necessary. Navy Federal, like USAA and other financial institutions contacted, have extensive security programs to monitor customers’ accounts for possible fraud.
Armed Forces Bank has had no reports of fraud tied to the Target issue, said president Don Giles. They’re taking extra steps to monitor for fraud on the accounts that could have been compromised.
Customers should always contact their financial institution as soon as possible if they suspect fraud, as as soon as possible.