As some of you might have seen tweeted by Garnett Lee last night, I was recently a victim of credit fraud. In light of concerns raised by the theft of personal data from the PlayStation Network, I thought I'd share a little about my own experience and encourage everyone to be safe.
It started yesterday afternoon, when I was flipping through some news feeds; we do this all the time between writing stories. I stumbled on this piece from Ars Technica, where readers claimed to have been victims of credit card fraud, on the cards associated with the PlayStation Network.
That reminded me to check my own bank account, which I had been doing regularly since the story broke, and I found it roughly $1,500 lower than it should've been. It came in the form of three identical charges to a Giant Food in Germany, all for slightly over $500, which my bank later told me came over the course of three minutes -- one minute for each transaction.
(A helpful tweet later informed me that Giant Food doesn't even exist in Germany. I'm assuming the fraudsters were aiming to take the actual money, rather than buying $1,500 worth of bratwurst.)
After the moment of panic, I called my bank, which promptly put a freeze on my card and started the wheels rolling to send me a new one. I asked about getting the fraudulent charges revoked, but apparently I would have to wait until the transactions went through, which could take up to a week.
Then it was time to change my passwords. I had already swapped a few important ones, like my email and bank code, but now I figured I might as well go onto the full lockdown mode. So over the course of about an hour, I changed every password I have, to every site I can remember. It was probably the time to refresh my passwords anyway. Finally, since it's so close to the end of the month, I had to change all of my automatic payments to a different card, since the new one won't reach me in time.
I'm not sure when, but someone caught the fraudulent charges, and revoked two out of the three of them last night. That gave me back about $1,000, but I might have to wait for the third charge to go through and then start the fraud process with my bank. This was my debit card, so the situation could've been much worse. If the fraudsters had kept going, I'd have had the money I use to pay for food and bills wiped out completely.
I had been assuming that this was all related to the PlayStation Network hackers, but now there's some conflicting information. Sony says that the credit card information was encrypted, and it has no evidence that credit cards were compromised. Bloomberg reported that some of the major credit card companies (though not mine) said that they haven't seen unauthorized activity related to Sony. Meanwhile, the report from Ars Technica, a new one today from the Australian Broadcasting Company, and my own experiences, sound oddly similar.
I'm writing this to get across why it's important to be on your guard. Having your credit or debit card used is a frustrating, stressful exercise. If your debit card is compromised, like mine was, it can even leave you temporarily short on money in your bank account. Most of all, it's an invasion of privacy that leaves you with a different outlook on everyday financial interactions.
Keep an eye on your credit statements, keep in touch with your bank or credit agency, and change your passwords. An ounce of prevention could be worth $1,500 of cure.