I’m pretty sure my card’s been breached again, so here’s what I’m doing

So it’s starting to look like Home Depot got breached. Nobody knows yet how bad it is. I decided to be proactive and call my credit card company because I shop at Home Depot a lot, and they just read me a canned script. OK, they don’t want to know if I think my card was among those breached.

Here’s what I’m doing in the meantime.

This morning I bought half a tank of gas using that card. I bought it close to home. If I remember, I’ll buy another half a tank or so on Friday. This establishes that I’m not traveling right now. It’s also not terribly unusual–I rarely buy full tanks of gas if I’m not traveling–so it helps establish normal. We’re in the data age, so the more normal data I can produce about myself, the more abnormal data–someone using a breached card–sticks out.

Someone using a breached card will look very different. Initially it’s likely to be for a small amount, and it will be online. If that transaction goes through, then they’ll buy something big. But my big purchases tend to be in person, and if you’ve been reading me long enough, you can probably guess what kind of stuff I buy. It’s generally not the kind of stuff a crook is going to buy with a stolen card. That will stick out too.

The other thing I’m doing is gathering together the contact information for my automatic payments, because I’m going to be changing those yet again soon. Those companies are used to it and probably would be understanding if I were late for a payment, but I don’t want to be late for a payment.

Home Depot will be offering identity protection if the breach is confirmed; if you’ve shopped there and used a credit card, take them up on the offer.

Large companies are playing a cat and mouse game with hackers, and the problem is that it doesn’t matter how often the hackers lose. A passing grade for the hackers is anything higher than 0%, and a passing score for companies is 100%.

2 thoughts on “I’m pretty sure my card’s been breached again, so here’s what I’m doing

  • September 4, 2014 at 2:18 pm
    Permalink

    Dave,
    Are the chip based smart cards worth the cost? Will they be hackable by the average criminal?

    • September 4, 2014 at 9:12 pm
      Permalink

      The answer to the first question is debatable, which is part of the reason we haven’t even talked about them prior to last December. Yes, they will reduce crime, but it’s impossible to know by how much and for how long, and that’s what makes it hard to say if the savings will outweigh the cost. In Europe the results of implementing them were dramatic, but then crept back up over time. We can only hope to fall to the level Europe is at now, because at least some of what the crooks learned by hacking Europe will apply here.

      So the answer to the second question is yes, they will be hackable, most likely by attacking the card readers or cash registers themselves. That will mean shoring up the readers and the registers and the connection between them. The question is finding the equilibrium where there’s enough security to make it more expensive to steal a card than the card is worth.

Comments are closed.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux