When Credit Cards Are Compromised
Millions of credit and debit card users should be worried about more than their holiday bills. They should be checking for errors or fraudulent charges.The Early Show financial advisor Ray Martin explains how to get any unauthorized charges taken off your card.
Now is the time to be checking your credit card bills because those bills arriving in the mail show your purchasing transactions over the busy holiday shopping season. The more charges you make, the greater the chance there will be incorrect charges and fees on your account. This year, there is another reason for some shoppers to check their credit and debit card statements.
Retailer TJX Cos., which owns and operates more than 2500 big discount stores, such as T.J Maxx, Marshals, A.J. Wright and Home Goods, reported two weeks ago that due to an "unauthorized intrusion" into it's computer systems, the credit and debit card numbers and card expiration dates of their customers had been compromised, and in some cases, stolen from their computer systems. According to the company, a smaller number of customer's names, addresses and drivers license numbers were also stolen – the most likely being customers who provided this information while returning merchandise without a receipt.
According to the company, the card numbers and related transaction information did not include customer addresses and names, and the main risk posed to customers is the risk of possible fraudulent charges on the compromised accounts. Other than the instances where drivers license numbers, names and addresses were stolen, the company says that it's extremely unlikely to be exposed to the risk of ID Theft on the customers breached credit and debit card accounts.
Protecting Customers – or Holiday Sales?
TJX Companies Inc states on their web site that they discovered the "unauthorized intrusion in mid-December 2006" and they believe it began in May 2006 with customer data compromised from then until December 2006. Their first move was to hire computer security experts General Dynamics Corporation and International Business Machines Corporation, and then they notified law enforcement authorities. According to the company, it delayed it's public announcement of the breach until mid-January out of a concern to reduce the risk of more customer data being exposed. They also state they maintained confidentiality of the intrusion as requested by law enforcement. It's probably an unfortunate coincidence that they made the announcement after the holiday shopping season – when asked if this factored into their decision, Sherry Lang, VP of Investor Public Relations replied, "It would be a pleasure to categorically deny that. We waited because it was in the best interest of our customers."
Don't Call Us – And We Won't Call You
According to company sources, most of the customer data compromised and stolen did not include customer names and addresses and affected shoppers who used their credit and debit cards to buy stuff at T.J. Maxx, Marshals, Home Goods and A.J. Wright Stores in the U.S and Puerto Rico after May 2006. Since they believe this involved account numbers and expiration dates, TJ Maxx has notified the banks and credit card companies who sponsor the cards. Their recommendation it that customers who may be concerned about their accounts should review their account statements and notify their bank or credit card company if they detect fraudulent charges or transactions.
My recommendation for those whose credit or debit card accounts could have been compromised in the TJ Maxx breach: call your credit card company and have them issue a new card with a new number and a new expiration date…and have them cancel the affected card account.
For customers whose drivers license numbers, name and address was stolen, TJ Maxx sent letters and established a dedicated help line that is available on their web site.
According to a recent report in the Wall Street Journal, some cases of fraudulent or unauthorized charges are already surfacing – a Massachusetts man reported about $6,700 in unauthorized transactions – including purchases from Wal-Mart Stores, Inc, Flowers.com and iTumnes.com – made with his card account number on January 2.
One thing is for sure – after the dust settles, shopping at TJ Maxx and its affiliated stores should be safer, as far as the security of customer data is concerned. As significant and unfortunate this situation is for TJ Maxx, consumers need to know that information you provide can be compromised anywhere and anytime and you need to play an active role in thwarting fraudulent account activity.
Credit Card Protections
If you are going to use plastic as your purchasing tool, credit cards are preferred over debit cards because consumers have the right, under the Fair Credit Billing Act (FCBA) to dispute incorrect charges on their credit cards. Unfortunately few consumers understand their responsibilities required to ensure the protections provided. While you can use the protections under the FCBA to help you avoid billing disputes, there are certain guidelines and timelines you need to follow.
You also need to clearly understand that none of the following procedures or protections applies to DEBIT cards. Many consumers use their debit cards like credit cards these days - debit cards even look like credit cards because they carry the MasterCard and Visa logos. Some debit card issuers do offer similar protections, however, the most complete protections under federal laws are only offered to credit card users.
Anti-credit card fanatics please take note: this does not advocate the use of credit cards to buy what cannot be paid for immediately. The best way to use a credit card is as a purchasing tool and to pay off the balance in full each month.
The following types of billing errors can be cleared up with a simple phone call instead of an official written dispute:
Clerical Errors: Mistakes such as an incorrect date or amount of a legitimate charge item can be easily changed over the phone.
Unfamiliar Charges: Over half of all disputes arise from consumers not recognizing a charge. Usually, this is because the merchant's corporate name is displayed on the bill in place of the individual store name. People looking for a charge from a particular store will be confused by an unfamiliar corporate name. For example, the charge at Brite Way Car Wash could show up as VERC ENT on a Bank America VISA card statement.
Fraudulent Charges: If a fraudulent charge does appear on your bill, companies are typically quick to address it because they want to maintain your faith in their card's security. Often they will research the transaction, and send you an affidavit stating that you sign and return stating that you did not authorize the charge.
All other billing problems or errors require you to send a written letter to your credit card company, stating that you are disputing the charges. Such errors might include:
Consumers mistakenly believe they also can automatically dispute and not pay for charges for poor-quality products they receive. Unfortunately, that's not covered under the FCBA. Goods "not delivered as agreed" are covered by the law and can be disputed for a refund. However, the law does not cover poor-quality goods. That's because poor-quality goods are not seen as an "error" on your bill. If you hope to receive a refund, you must return the product and frame your dispute as being about a product or service that wasn't delivered as agreed. This may seem like a fine line, but this is your best bet for getting your money back according to Consumer Reports and the Federal Trade Commission.
When disputing a credit card charge, you need to be sure and follow the correct process.
First, when you write the letter, DO NOT send it to the same address where you send your payments. Instead, send the letter to the address for "billing inquiries" which is typically listed on the back of the credit card statement. In your letter, include your name, address, account number and a clear description of the error. Include COPIES of documents that support your claim. Be sure to keep the originals for your own records; and also keep a copy of your dispute letter.
Send the letter by certified mail, return receipt requested.
The letter must reach the credit card issuer within 60 days after you receive the billing statement that includes the charges you are disputing.
For a sample letter and an explanation of the dispute process, refer to the FTC web site.
Once you've completed these steps, the burden lies with the credit card issuer. The company must acknowledge your complaint IN WRITING within 30 days of receiving your dispute letter. Then, the card issuer is bound to resolve the dispute within two billing cycles.
All of this sounds fairly easy, but while you are working through the process, which can potentially last up to five or six billing cycles, you are continuing to receive bills which claim that you not only owe the disputed amount, you also owe a growing finance charge on the amount.
And disputing a charge on your credit card should not affect your credit rating. First, it is within your rights to withhold payment on the disputed charge AND the finance charges during the investigation. But regular billing rules apply to all other charges and finance charges. The credit card issuer is not allowed to try and collect this money, your account cannot be closed or restricted, and the issuer cannot report you as delinquent to a credit bureau or reporting agency.
Assuming that the card issuer agrees with your dispute and finds that your bill is indeed incorrect, expect to receive a letter detailing the error and what corrections will be made to your account. The creditor must remove all finance charges, late fees or other charges related to the error.
If it turns out that your bill was correct, you will receive a letter explaining what you owe and why. You may write back saying that you refuse to pay the amount, however, the creditor can now begin the collection process - this includes reporting you to a credit bureau.
You should know the law only requires a "reasonable" investigation into the dispute, not an exhaustive one. For example, the creditor will probably not go so far as to check the store security camera footage when tracking down a disputed charge.
"The good news is that it's in a credit-card company's interest to fix most problems fast," says Consumer Reports. "It costs at least $25 to process a disputed charge but it can cost more than $200 to replace you. So it's cheaper simply to credit you for small amounts without an investigation" For larger disputes, credit-card issuers also probably weigh whether you'll take the matter to court or cut up your card.
Ray Martin