NEW YORK — It's an almost weekly occurrence: On Tuesday, Goodwill said its computer systems may have been hacked, leading to the possible theft of customers' credit and debit card information. The nonprofit agency, which operates 2,900 stores in the U.S., said it is working with federal investigators to look into a possible breach.
That follows news over the weekend that Vendini, an event ticketing service, had settled a class-action suit related to a data breach in 2013. In the past year, major companies like Target, LinkedIn, eBay and Neiman Marcus have also been hacked.
The incidents are especially troubling to consumers as online and mobile shopping continues to grow.
Here are five ways you can avoid becoming a victim of identity theft — even if your data has been compromised.
1. Monitor your bank statements. Keep a close tab on your bank statements. Gartner analyst Avivah Litan recommends checking at least once a month, if not more, for any suspicious activity. If you find something that doesn't seem right, call your bank right away.
2. Use a credit card, not a debit card. Government regulations protect you from liability for fraudulent charges over $50 when you use a credit card or a debit card with a signature, not a PIN. But if you use a debit card with a PIN, the regulations are murkier, and you may end up being liable for some charges.
3. Get free credit monitoring. Concerned consumers can pay an organization for credit monitoring, but the government offers three free credit checks a year, something consumers should take advantage of, Litan said. The reports will show if any loans or new credit cards have been taken out in your name. Here's where to find free credit reports: www.annualcreditreport.com/index.action.
Also, companies that have had a data breach often offer to pay for customers' credit monitoring.
4. Bank smarter. Many banks offer a service that sends an email alert when any major changes — or charges — are made to a customer's account. The alerts can be very helpful in detecting identity theft. If you want to be extra cautious, don't make money transfers online or pay bills electronically — use a check. Also, experts recommend changing your passwords often. And never use the same password for banking that you use for lower-security websites. Nonbanking sites tend to be easier to hack.
5. Don't rely on companies. Vendini, the latest company to report a data breach, on Friday scored a rare settlement for a class-action lawsuit about compromised data. The company, which offers ticketing services for theaters and event venues, will pay out up to $3,000 per customer for identity theft losses, but it will be difficult for people to collect the money, because they need to prove that the information that was used for identity theft came from Vendini. The lesson: Don't depend on companies to let you know if your data has been stolen. If you want to protect yourself, it's best to take matters into your own hands.