- Apple had agreed to refund at least $32.5 million to unsuspecting parents, after tens of thousands of people complained the company was allowing apps to charge hundreds of dollars on consumer's credit cards, after kids may have clicked on various links unaware of the cost. READ MORE HERE One parent told the FTC her daughter had spent $2,600 in "Tap Pet Hotel," in which children can build their own pet lodging. The game is free to download and play, but it takes in-app purchases and applies them directly to your credit card without notice. ( COMMENTARY: One WNY Parent's Story)
- Target Corp's security breach may have been part of a global program - with hackers in Russia- trying to vaccum up consumer data. and Congress is beginning to discuss the possibility of hearings on the issue. (HEAR MORE in a CBS Special Report)
- Key Bank and First Niagara Bank have allmost completed the mailing and activiation of new credit and debit cards to all customers, in light of the data breach that saw almost near 70 million Target customers, e-mail addresses and pin numbers comproimised.
- -Citibank now says it will re-issue all of its debit and credit cards to deal with the Target incident.
- Last week, Neiman Marcus said thieves stole some of its customers' payment information and made unauthorized charges over the holidays. At the time, it said that was working with the Secret Service on the breach.
|Buffalo, NY (WBEN) With the Target hacking and Apple in-app settlement, what recourse could you have if you're a victim? One expert says it will be a process.
The high tech era is a new one, says Paul Atkinson of Consumer Credit Counseling Services.
"Your recourse of correcting the transaction, I have no idea how that's going to happen, and I can assure it's not going to happen quickly," he notes.
"We have come to accept the use of PIN numbers and swiping as SOP (Standard Operating Procedure), but it's not. You've got to be protective of what you do, boy if there was ever a lesson, this was it."
--Paul Atkinson, Consumer Credit Counseling Service of Buffalo
Atkinson says go over every statement that has a transaction.
"These hackers who are selling and re-selling your information, and this can re-appear months from now," and Atkinson advises you to check every statement down the road.
SHARE YOUR THOUGHTS:
You also have a free credit report once a year and he says you should check out to be sure every transaction is your transaction.
The report, made public Thursday by iSight Partners of Dallas, offers more insight into the breach at Target. That attack affected 40 million credit and debit card accounts and led to the theft of personal information, including email addresses and names, of as many as 70 million customers.
The report said that a malicious program vacuuming personal data from terminals at store check-out stations was "almost certainly derived" from BlackPOS, a crude but effective piece of software that contained malware scripts with Russian origins.
"The use of malware to compromise payment information storage systems is not new," the report said. "However, it is the first time we have seen this attack at this scale and sophistication."
Starting in June, iSight noticed the malicious software codes on the black market, the report said.
Criminals bought the original malware on the black market and then created their own attack method to target retailers' terminals at store checkout stations, iSight Partners' CEO John P. Watters said.
"It's less about the malware, but more about the sophistication of the attacks," Watters said in an interview with The Associated Press.
The report noted that because this kind of software can "cover its own tracks," it's not possible to determine the scale, scope and reach of the breach without detailed forensic analysis.
"Organizations may not know they are infected," the report said. "Once infected, they may not be able to determine how much data has been lost."
Last week, Neiman Marcus said thieves stole some of its customers' payment information and made unauthorized charges over the holidays. At the time, it said that was working with the Secret Service on the breach.
The iSight report doesn't list the names of retailers and the intelligence firm says it can't discuss whether the malicious software specifically affected Target, Neiman Marcus and other retailers. However, the report offers the latest evidence that the attacks on Target and Neiman Marcus are related and that other retailers may have been victims of a broader data scheme.
Molly Snyder, Target spokeswoman, said that the retailer did not have any details to share on the report at this time.
Neiman Marcus Group said Thursday that, to its knowledge, customers' Social Security numbers and birthdates were not stolen in the security breach.
The luxury retailer, based in Dallas, also confirmed that customers who shopped online do not appear to have been affected, and said personal identification numbers, or PINs, were never at risk because the retailer does not require PIN pads in its stores.
Neiman Marcus's spokeswoman Ginger Reeder declined to say how many people were affected by the scam, noting that the investigation is still ongoing.