Lileks: Target’s Great Data Breach finally sends us over the edge

  • Article by: JAMES LILEKS , Star Tribune
  • Updated: January 16, 2014 - 9:02 PM
hide

Target Store

Photo: Patrick T. Fallon, Bloomberg

CameraStar Tribune photo galleries

Cameraview larger

I snapped. It took a month, but fear got the best of me. When the Great Target Data Breach was announced, a lot of us took it in stride — 40 million numbers? They’ll never get around to mine. Of course, Albert A. Anderson, whose card number began with 1111, probably sweated a little, but as the weeks went by and we didn’t hear stories of massive fraud, we relaxed. That horse might be out of the barn, but it wasn’t ordering OxyContin from a Bulgarian website.

Then came the news they’d gotten PIN numbers, as some people people call call them them. They can use my PIN number, also known as my Personal Information Number Number, at Automated Teller Machine Machines! They had e-mail addresses and phone numbers, which meant they could clean out your bank account.

Ah, but they don’t have my password, so never mind — oh, there’s the phone. Hello? You found my dog Hubert? Sorry, my dog’s name is Harold. No, no problem — what? Well, if I was to add capitalization and a number it would be uppercase H, then 1 at the end, but I don’t see — hello? Hello? What an odd call.

Hey, maybe I’d better change my bank password to Harold2.

This is why some banks have those security questions, which you can’t remember. Question One: What were you wearing when you signed up for online access? Oh, for heaven’s sake, I don’t remember. Pants. PANTS IS NOT A VALID ANSWER. Try another question. What was the color of your grandmother’s first car? Huh. No color family photos; let me think …

Oh, the phone again. Hello? What do you mean, I should just type black, you don’t have all night?

I swear, these wrong numbers are getting annoying.

After the breach I changed my online banking password to something that looked like the name of a lingering disease suffered by Finns: rhjjlkkkkihhllhhrrkk. Figured I was good. Used the card at Target, and thought if there’s any place it’s safe, it’s here; they probably have guards stationed around the data center with orders to shoot any computer that’s acting suspiciously.

But the fear grew. Every day: Check the statements, looking for the telltale entries:

GENERIC ASSOCIATES LTD $499

CONSOLIDATED ENTERPRISES INC $499

HAROLD2ISYOURPASSWORD CO. $499

Nothing. Whew. But then the Target CEO kindly offered credit monitoring for all, and while that’s nice, it was one more thing to worry about. It’s also like saying that after we gave your house keys to a team of arsonists, we’ll have the fire department trucks drive past a few times a week.

Finally, I decided I could trust my card no more and went to the bank to cancel it. Asked the kindly banker guy: So, lots of this going around? Paranoia, I mean.

He briefly assumed the expression of someone who’d worked a FREE BEER stand at Grand Old Days. “The first day after the story … yeah.” It had died down. Hadn’t heard of anyone who actually got dinged.

That’s a consolation, but if they didn’t do anything with the stolen numbers, what’s the point? So you can go down in history as someone who inconvenienced 40 million people to show he could? Yeah, you and the guy who shot Archduke Franz Ferdinand, buddy.

I got a temporary card, and the old one was shredded into strips. For some reason. you think of the hands of the hackers who caused you this aggravation.

Now to deposit some checks at the teller window! And then I’ll listen to a gramophone and maybe roll a big hoop down the street with a stick. It seems so old-timey, especially since I’ve gotten used to depositing pictures with the bank’s smartphone app — but since I changed the password to something 37 characters long that looked like an ostrich choking on a fish skeleton, it was impossible to enter correctly. Handed over my new card and the checks, and departed.

“Did you receive excellent service today?” asked the greeter as I left the branch.

“Depends on how far I get before the dye pack explodes,” I said.

“Have a great day.”

And I did. Right up until the moment at the grocery store when I pulled out my wallet and discovered I’d lost the new card. Somewhere. Somehow. Approximately 37 minutes in my possession, and I’d lost an unsigned card issued to BANK CUSTOMER. I’d laid myself open for theft with such ruthless efficiency it made hackers look like guys who walk into banks dressed in prison-orange jumpsuits, dragging a cannon.

All because I got paranoid about my card. I guess I’m saying I’m not as outraged as I was before.

I am peeved that I won’t pay for monitoring the account on the lost card, though. Cheapskate.

 

jlileks@startribune.com • 612-673-7858

  • related content

  • Jan. 17: Target attackers likely struck others

    Friday January 17, 2014

    Federal authorities issued a confidential technical bulletin to merchants with detailed technical descriptions of the point-of-sale malware hackers used to attack Target.

  • get related content delivered to your inbox

  • manage my email subscriptions

ADVERTISEMENT

Connect with twitterConnect with facebookConnect with Google+Connect with PinterestConnect with PinterestConnect with RssfeedConnect with email newsletters

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

question of the day

Poll: How will the Gophers and Vikings do this weekend?

Weekly Question

ADVERTISEMENT

 
Close