Case Study: Breach Takes Bite out of Big Apple Lunch

An avid crafter falls victim to the Michaels Stores Inc. data breach.

Wednesday, October 05, 2011
Kelly Colgan’s business lunch in the Big Apple turned rotten when she found herself stranded with no cash, no access to her debit and credit cards—which had been frozen—and dependent on the kindness of strangers to help her get back to her home in Rhode Island.
Colgan, an avid crafter, soon found out she was among tens of thousands of Michaels stores customers whose banking information had been stolen from checkout line PIN pads. Thieves used that data to create fake debit and credit cards. In Colgan’s case, they tried to withdraw money from her accounts, until the bank put the kibosh on their attempts.
“It’s devastating to feel so alone in New York City,” said Colgan, public relations manager at CyberScout. “I had no money and no way to do anything about it.”
Data breaches can happen to anyone. More than 540 million records have been exposed in data breaches since 2005, according to the Privacy Rights Clearinghouse, a nonprofit consumer organization. Many consumers have received the telltale notification letters alerting them that their information had been compromised. But many more don’t; they’re unaware that their personal information is at risk.
Data breach victims are more likely to become victims of other kinds of fraud, especially identity theft, according to Javelin Strategy & Research. Last year alone, new account fraud—when an account is created with a stolen identity—contributed to $17 billion in losses in the United States.
Fortunately, Colgan had access to our company’s fraud center, which assigned fraud investigator Mark Fullbright to the case. He reassured Kelly that he would be able to put safeguards in place to monitor her credit and ensure that any fraudulent activity would be removed at once. He immediately:
• Conducted a complete interview to determine what type of breach occurred
• Placed a fraud alert on Colgan’s credit report
• Enrolled her in CyberScout’s fraud and credit monitoring program for one year to watch for additional fraud.
Consumers who are victims of a breach should call their insurer or bank, which may provide LifeStages™ Identity Management Services. Or contact us directly.
The bank’s actions protected her from full-fledged identity theft, but it left her cash poor in Manhattan.
“No one is immune to exposure from a data breach,” Colgan said. “I’m proof positive that it can happen to anyone.” 


© CyberScout, LLC. All Rights Reserved.
If you need identity theft assistance, call your provider organization to be put in touch with the CyberScout Resolution Center. More information for individual consumers.