I didn’t get mad when word of the Target data theft first hit the news. If you’re a credit card user, especially one who shops on the web, you know that it’s always a risk. Our credit card has been compromised at least three times in recent years. It’s a nuisance that always takes too long to get sorted out, but by law, credit card users can only be held responsible for up to $50 of fraudulent charges; in our experience, Chase has always covered all the fraudulent costs. (One thief spent $1700 at some boutique in Vienna with our card; we’ve never left North America.) The cost to us has been in inconvenience as we wait for replacement cards and go through the hassle of changing all our autopays and saved credit cards on various sites to the new number. Irritating, but not tragic.
I didn’t get annoyed when Target started the deluge of mea culpa e-mails telling me that there was a possibility that my personal data had been compromised by criminal types, but that they couldn’t really tell me if it was a sure thing. In my old age, I find it increasingly difficult to worry too much about things I have no control over, or have no confirmation they actually happened. I would begin to worry if and when someone (or my bill) can actually tell me for certain that my credit card was used by someone who wasn’t me. Until then, it’s all speculation.
What finally got me miffed at Target was the audacity of this paragraph in their latest e-mail:
In addition, to guard against possible scams, always be cautious about sharing personal information, such as Social Security numbers, passwords, user IDs and financial account information. Here are some tips that will help protect you:
- Never share information with anyone over the phone, email or text, even if they claim to be someone you know or do business with. Instead, ask for a call-back number.
- Delete texts immediately from numbers or names you don’t recognize.
- Be wary of emails that ask for money or send you to suspicious websites. Don’t click links within emails you don’t recognize.
What ticked me off about that was that I couldn’t help but notice they omitted an important, and, I think, supremely pertinent bullet point: ONLY USE CASH AT TARGET.
Gross, Target. It takes some pretty gargantuan balls to presume to lecture your clientele on ways to protect your personal and financial data in an email sent out only because your company was responsible for the latest massive breach thereof, through none of the means they describe as risky. Clearly, they know nothing about cybersecurity, and their effort to give advice on the subject is absurd at best. I don’t get my hair cut in salons where the stylists have bad hairdos, and I don’t take kindly to security tips from people who couldn’t protect my data in the first place. And I’m pretty sure their tone-deaf approach on this is impressing no one else, either.