This is a very disturbing trend, yet another announcement by a major retailer that the credit data was once again exposed. In an AP article, data was stolen from Polo Ralph Lauren Inc. and HSBC North America is starting to notify holders of their General Motors-branded MasterCards that their credit card information may have been compromised. It now looks like thieves aren’t trying to steal data as it’s being transmitted (the nature of encryption makes that impossible if you’re actually encrypting the data), they’re picking it off data at the destination…
This comes on the heels of ChoicePoint, Inc. telling everyone that thieves have been operating undetected on their systems for more than a year and Lexis Nexis saying they’ve exposed the personal info of over 310,000 people.
I’m not going to tell you the typical “get a credit check, get identity theft fraud protection, etc” advice because chances are you’ve heard it. Here are some non-classic tips for of staying ahead of the thieves:
- When you order something online, don’t use the convenience of saving your credit information. Granted the vendor will always have your credit card information somewhere, but not saving it with your online account is just one fewer place that can get compromised. Some cards have throw-away numbers that work only once, this is ideal because it’s the better alternative to Tip #3.
- When you order something over the phone, employ the same strategy and ask that they don’t save your credit card information on file.
- Every few months, call up your credit card company and tell them you misplaced/lost your card. That should invalidate the current credit card number and they should issue you a new one. This means when someone gets old data from Polo, they at least can’t use that card again even if it is on file — it’s invalid.
- Drop your cash advance limit to $0. You shouldn’t use it anyway with the ridiculous rates and if you do get somehow compromised, they can’t get cash advances because the limit is $0.
- Consider getting a PO Box just for credit cards. This may be a little extreme (but I did say these are unorthodox) but if the data on file is of a PO Box and not of your home address, then it’s less information the thief can use to try to steal your credit. The fees for a PO Box  are pretty reasonable if you’re extremely worried. The Fee Group refers to the geographic area you are in (for some reason that’s not spelled out on that page).
I hope these help, but I hope even harder that companies employ better security (or use software by companies that scrutinize their stuff better).