CINCINNATI -- Shoppers across the country are nervously awaiting notifications from their banks after news broke of the nationwide data breach suffered by one of the world's largest retailers.
Customers who made purchases by swiping their cards at Target stores in the United States between Nov. 27 and Dec. 15 may have had their accounts exposed. Officials said the company’s online customers are unaffected.
At this point it is impossible to know for sure who are the victims in the data leak. But the company acknowledged Thursday the information in question is connected to about 40 million credit and debit cards used at stores over the Thanksgiving weekend.
One of those people is Shannon Daugherty, a Florence, Ky. woman and a frequent Target shopper.
During the end of the November shopping frenzy, she says she bought a holiday sweater at the superstore in Crescent Springs, Ky. She used a credit card to make the purchase.
Daugherty went back a few weeks later and returned the item.
On Wednesday, she was surprised when she received an email alert notifying her someone had used her credit card at an Albertsons supermarket in Texas.
"I (received) an email … saying someone tried to use my credit card. They physically had it and they scanned it at a grocery store in Texas,” Daugherty said.
She told her credit card company she wasn’t in Texas at the time.
"I got the email and it said to contact them if my card was used by me in Texas, and I said, 'sorry, I am here (in Kentucky),'” Daugherty told fraud specialists at Chase Bank, one of the largest U.S. credit card issuers.
While she was initially worried after receiving the notification, her fears grew Thursday when she learned she could be one of the tens of millions of people affected by Target Corporation's security breach.
The stolen data included customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the card, officials from the Minneapolis-based retailer said. The information is also known as "track data."
Track data allows thieves to make counterfeit cards by copying stolen credit card information onto another card with a magnetic stripe.
"It does make me nervous, especially since I just used (the card) and the very next day someone else had used it," Daugherty said.
Christopher Browning, of Chesterfield, Va., told the Associated Press he was the victim of credit card fraud earlier this week and believes it was tied to a purchase he made at Target with his Visa card on Black Friday.
On Monday, Browning said he received a call from his bank's anti-fraud unit saying that there were two attempts to use his credit card in California - one at a casino in Tracey, Calif., for $8,000 and the other at a casino in Pacheco, for $3,000. Both occurred on Sunday and both were denied.
"I won't shop at Target again until the people behind this theft are caught or the reasons for the breach are identified and fixed," he told the AP, adding that he canceled his credit card and plans to use cash.
The Associated Press quoted frequent Target shopper Brianna Byrnes, of Kansas City, Mo., as saying she’s "a little bit" nervous because of the situation, but still plans to shop for toys at the store.
"I've never had anyone steal my identity. I guess it's taking a risk," said the University of Missouri-Kansas City student and a call center worker.
While it can't be confirmed at this point if the fraud against Daugherty's account is associated with the Target Corporation nightmare, she, Daugherty and others possibly involved in the second-largest credit card breach in U.S. history are moving forward. They're looking at what they should do next.
Daugherty has canceled her credit card and is waiting for a new one to be issued.
Although she’s getting a new card, she says she’s going to be careful with how she uses it in the future. She also plans to thoroughly check both her card statements and credit report.
In short, she's doing exactly what Paul Hartwick is advising people in her situation to do.
"The best way to figure out whether your account has been breached is keep an eye on your account. Look for transactions you don't recognize," said Hartwick, a spokesman for Chase Bank. "The good news is that Chase and many other banking institutions will not hold you liable for these charges,"
Some other tips include: changing your PIN and passwords, and placing an initial fraud alert on your credit report.
You can also consider a security freeze. This will lock down your credit report to prevent a third party from seeing it, which Ohio Attorney General Mike DeWine said can protect you from having accounts opened in your name.
But know this: In Ohio, that freeze lasts until you lift it so do it with caution.
It's also important to note that a large amount of fraud is stopped before it ever starts, according to Hartwick.
"Chase and other banks often monitor accounts for suspicious activity and stop fraud before you ever see it on your account," he said.
It's still important, however, to check your bank account regularly and make sure there are no suspicious charges.
"The biggest and best thing customers can do is be aware, shop at reputable places such as Target, monitor your account information, be in contact with your card issuer and be aware," Hartwick said.
In the meantime, Target has hired a third-party forensics firm to conduct a thorough investigation of the incident and to examine additional measures that could be taken to prevent incidents of this kind in the future.
If you still have questions, you can call Target directly at 1-866-852-8680.
Information from the Associated Press was used in this report