Identity Theft and the Government Shutdown
There have been numerous reports that due to the Government shutdown, consumers and victims of identity theft are unable to access the Federal Trade Commission’s (FTC) IdentityTheft.gov web site and get help.
This is not accurate as you don’t need the help of the FTC to respond to identity theft. The goal of the FTC is to provide general advice and not direct personal assistance.
The FTC encourages victims to report their cases to the FTC for the purpose of gathering data and statistics. The agency does not investigate individual cases.
If you are a victim of identity theft, we recommend contacting the non-profit Identity Theft Resource Center (ITRC) who can provide access to live and highly trained counselors.
The ITRC website is https://www.idtheftcenter.org, where you can access free chat support and a free app. Counselors can be reached through their hotline number: 888.400.5530.
The ITRC is also a partner with the FTC and handles many of their cases.
Graeters Data Breach
Graeters Ice Cream recently notified around 12,000 of its customers that their personal information had been exposed in a data breach.
It appears that hackers gained access to the company’s website and added some malicious code to the checkout process. This enabled them to steal credit card and related info as it was entered through the website.
It is believed that the attack ran for at least 6 months, from June to December 2018.
Compromised information likely included first and last name, address, telephone number, fax number, payment card type, payment card number, expiration date, and card verification code.
In other words, the information customers would most likely be asked for to complete an online purchase.
How worried should you be?
You should always worry about any data breach. In the Graeters breach, it doesn’t appear that customer Social Security Numbers were compromised.
Graeters doesn’t mention the breach anywhere on their website and doesn’t offer details about the breach or how it is responding. This could be troubling, as it leaves customers feeling uninformed about the incident.
What should you do?
- Check your credit card statements for any unusual charges - and not just those related to purchases at Graeters.
- Be very wary of any email or other communications in connection with the breach. They could simply be phishing emails trying to take advantage of the event.
- Be suspicious of any communication by email, text, and even phone that offers free credit or identity protection services to victims. At this point, Graeters doesn’t seem to be offering any such free services, so any offers are likely to be a scam.
- Know your rights. If your credit cards have been compromised, you can’t be held liable. Your card issuer is likely to simply cancel the charges and card and replace your card.
- This is a good reminder to consider freezing your credit reports toso that you protect yourself against the most common type of identity theft.