Back in ye olden days — say, a decade ago — many holiday shoppers worried about using credit cards to buy gifts online. They feared their information would end up in the hands of computer hackers.
Turns out, walking into a store and swiping a credit card can be plenty risky too.
"There aren't good statistics measuring which one is a greater risk," said Greg Brown, chief technology officer for McAfee, a computer security company. But either option — shopping in real life or online — can let bad guys into your wallet, as Target shoppers learned Thursday.
If you shop through a shady website, "your risk goes up, just as it would if you bought merchandise off the back of a truck," Brown said. "You have to be diligent" about who sees your credit card, he said.
But that's what was so disturbing about the revelation that Target, with nearly 1,800 U.S. stores, suffered a huge theft. The company said that between Nov. 27 and Dec. 15, information from 40 million card accounts may have been stolen. The data loss involved customers' names, credit and debit card numbers, expiration dates and three-digit security codes imprinted on the cards. Target said it's working with law enforcement and financial institutions, and has "identified and resolved the issue."
The theft involved cards used to make purchases inside the stores, where lights twinkle and Christmas carols play, not through the company's website.
That freaks out many customers who thought they could make themselves safe, just by refraining from flashing cash or throwing card information out on the Internet.
"I don't carry cash with me because I'm a senior citizen," said Betty Singletary-Flythe, who was at a Target store in Washington, D.C., on Thursday. To shop, she likes to pull out her plastic in person.
All Tech Considered
Outdated Magnetic Strips: How U.S. Credit Card Security Lags