Up to 1.5 million cards may be impacted by a data breach at one of MasterCard and Visa’s third-party processors. For individuals, data breaches are often far less scary than they sound — at least for credit cards.
Consumers are actually well-protected against fraudulent credit card charges. In general, card issuers hold customers liable for up to $50 of unauthorized credit card transactions and often times they waive that as well, says Carol Kaplan, a spokeswoman for the American Bankers Association. In this case, if it was strictly credit-card information that was compromised, consumers won’t be on the hook for charges they didn’t make.
However, when a data breach involves debit cards, consumers could be at a much greater risk. With debit-card breaches, protections are minimal and consumers are advised to contact their card issuer quickly. Consumers who wait more than 60 days after receiving a checking account statement that shows fraudulent withdrawals could be at risk of losing hundreds of dollars. In the worst-case scenario, they could lose all the money in their account, says Jay Foley, identity theft expert and founder of the ID Theft Info Source, a consulting firm.
A Visa spokesperson says the company has provided card issuers with the affected account numbers “so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards.” MasterCard didn’t respond immediately to requests.
For now, consumers should contact both their credit and debit card issuers to confirm their cards haven’t been compromised. They should also review their checking account regularly online to make sure fraudulent withdrawals aren’t occurring.