Massachusetts Banks Reporting Fraud Has Occurred Re: TJX Breach

Massachusetts banks, as well as banks in other states, have been acting quickly to protect customers who had card data compromised after doing business with TJX stores including TJMaxx, Marshalls, Winners, HomeGoods, TKMaxx, AJWright, and HomeSense. TJX has not made clear the number of cards involved in the breach, but Massachusetts banks continue to receive information from the card companies about cards that have been exposed.

Thus far, nearly 60 banks have reported into the MBA that they have been contacted by the card companies about compromised cards, and these banks are notifying customers and in many cases reissuing new cards. The MBA is cautioning, however, that the number is likely to grow higher as, thus far, less than half of the 205 banks in Massachusetts have reported into the Association because the situation is such a moving target.

Daniel J. Forte, CEO and president of the MBA said, “We want to remind consumers that you will be fully reimbursed if a fraudulent transaction occurs during the unauthorized use of a card with a Visa or MasterCard logo on it. Moreover, though it did not cause this problem, your bank is taking extra steps to try and prevent fraud from occurring.”

Forte also said it is not necessary to contact your bank even if you used a card at one of the TJX retailers. If your bank is notified by the card companies that your account was exposed, your bank will contact you and possibly issue a new card. “In rare circumstances, in a rush to protect you, your card could be canceled before the communication reaches you. If this happens contact your bank and confirm that your card is not working, or that it has been captured by an ATM. The bank will let you know when you are due to receive a new card.”

To further protect consumers, the Massachusetts Bankers Association is strongly supporting legislation and card association rule changes that would mandate the quick disclosure of which company caused a data breach, and would place the financial liability with that company as well. “By not disclosing which firm caused the breach, or quickly disclosing it, consumers are needlessly troubled and might feel compelled to take unwarranted action if they’re left in the dark,” said Forte.

“We hope that long term, this approach would be the additional motivation that retailers need to enhance the security of their systems and protect consumers, as well as your local bank, which bears the cost for replacing cards and covering the fraud for customers,” added Forte.

“It is critical that the card associations – Visa, MasterCard, etc. – and public officials carefully evaluate whether the source of the breach should be identified quickly and be held liable for a data breach, particularly if the information being stored is in violation of card network rules.”

Even though some fraud is occurring and the MBA expects the number of banks and exposed cardholders involved in the TJX incident to rise, the MBA is telling customers to try not to worry. “You may not be in the affected group,” said Forte. “This is a situation that was not caused by your bank but you should know, if your information was exposed, we are working hard on your behalf. It’s a good idea to check your statements and balances regularly, report any discrepancies, and order a credit report which you can receive free of charge once a year from the credit bureaus.”

The MBA also wants to remind consumers that even though fraudulent transactions may occur, it does not mean that identity theft is taking place. “The two can be related but thankfully most often they are separate and distinct. Be vigilant and don’t give thieves any more information to make ID theft more of a risk,” said Forte.

For example, thieves could go “phishing” on the Internet or contact you by phone pretending to be TJX, your bank or law enforcement. “They may want to confirm your personal information, anything that could be matched with what they already have and then, upon getting it, steal your identity with the ability to open new accounts, apply for credit and more,” said Forte. “Don’t make it easier for them.”