Target breach: Teen to blame?

Target data breach investigation continues

By Tony Statz - Producer
Headline Goes Here

The huge data breach at Target continues to be a source of concern for millions of American shoppers.

The size and scope of the breach has many of you worried about protecting your accounts and personal information. Also, you should be on the lookout for scam artists hoping to cash in on the situation.

So far, there are no arrests in the breach that lead to the hacking of personal information for up to 110 million shoppers as the busy holiday shopping began. Target has said the breach took place between November 27th and December 15th. Target says security was tightened, and customers will not be liable for any fraudulent charges. Neiman Marcus later admitted it suffered its own breach and cyber security experts have predicted other retailers could come forward with information on more security breaches.

Was a teenager responsible?

According to USA Today, one cyber security firm believe the breach started with a Russian teenager who sold malicious software to cyber criminals out of Eastern Europe. However, another cyber expert is disputing that report. Numerous agencies are investigating the data breach, trying to find those responsible.

In December, Target reported the personal data of 40 million customers was stolen. At first, the retailer said only debit and credit card information was taken between November 27th and December 15th, the beginning of the very busy Christmas season. A week later, the retailer admitted hackers has also taken "strongly encrypted" personal identification numbers when they tapped into the retailer's systems.

Target has also confirmed up to another 70 million customers may have been affected, although there could be some overlap between the two groups. The store stresses both problems stem from the same breach, covering the same time period.

How to protect yourself

If you used a credit card at Target between November 27th and December 15th, there are some steps you can take to protect yourself.

1) Monitor the accounts that may have been hacked. You should be monitoring all your accounts ALL the time. You should always be checking your account online, at least once a week, to search for unauthorized charges. You should not wait for your written statement.

2) If you are very concerned about the security of your accounts, you can ask the three credit reporting agencies to put a fraud alert on your account. Those three agencies are Experian, TransUnion, and Equifax.

3) If you have used a debit card at Target during the affected times (or any time to be safe), you should probably change your PIN number at the very least. It might be a good idea to ask for a new card.

4) You can setup alerts on all of your accounts so you are notified if there are any suspicious charges as soon as the happen. That notification can come via text message, email, or phone call.

Finally, you should know the hackers may be selling your information on the black market and its possible that it will not be used right away.

"I would suggest that not only do you maintain your vigilance now, you maintain that vigilance months and months down the line," said Professor Lewis Langham of Cooley Law School.

Beware of scam artists!

The Target data breach also presents a golden opportunity for scam artists to reach out to you, looking to grab your personal information or infect your computer with malware. Beware of any emails that come your way offering solutions, credit monitoring, or other services in connection with the data breach.

Scammers will pretend to offer you help to get you to click on a bogus link or to trick you into sending your personal information. Last week, many Americans were confused about an email from Target. Some wrote to Ruth to the Rescue asking if the email was legitimate. We found that particular email WAS sent out by Target. If you get an email that seems to be from Target, you can check on special website where the store is posting copies of all the legitimate emails its sending. If your email doesn't match up with one of those posted, delete, and move on!

As always, its best for you to be in charge of what credit protection you might want to use to protect your accounts. You should go to the websites or call companies you know to be legitimate to see what services might help. You should NEVER purchase, click on links, or share personal information through an email that comes to you, unsolicited. You could making a huge mistake!!

The special Target page is here.

Copyright 2014 by All rights reserved. This material may not be published, broadcast, rewritten or redistributed.