Nothing’s Certain in Life but Death, Taxes, and Hacks

Posted June 28, 2011 in Creditor/Debtor by Arthur Buono

People, even though LulzSec’s called it a day, today I’m coining two new never-truer sayings:

  • Nothing’s certain in life except death, taxes and hacks
  • If you build it, they will hack it

Knowing these things to be true, what can you do to recover from a hack of your bank or online service provider and avoid or limit any damage?

  • Surveillance is your first line of defense
  • Keep your account information and contact numbers where you can get them
  • Use different passwords and credentials for each account
  • Like this article? Share it with others using this link:


Notify Your Bank Any Time You Suspect Fraud


In just a few days we have the following hacks in the news:

Heather M. (our own) writes from somewhere in the Midwest: "are the rules for reporting fraud and unauthorized charges different if it’s the card issuer’s fault?" Remember, if your credit card is lost or stolen, you don’t have to pay for any unauthorized charges greater than $50. If you report the theft or loss before it’s used, you’ve saved that $50. If you haven’t lost the card but someone uses your card number, you owe nothing. As a practical matter, the major card issuing companies have a "$0 liability for fraud" policy.

With debit and ATM cards, time matters. Like with credit cards, if you report the theft or loss of the card before it’s used you don’t owe jack. After that your exposure goes like this:

  • report within two days of unauthorized use: $50 max
  • report more than two days after unauthorized use, but less than 60 days after receipt of statement with unauthorized charges: $500 max
  • wait more than 60 days from statement: you can lose your whole account balance

If the card’s not lost or stolen, but just the number is, you’re only liable for transfers happening after 60 days following the mailing of your bank statement containing the unauthorized use and before you report the loss. All of this comes from the Federal Trade Commission, if you want more deets.

Citigroup has said its customers aren’t liable for any unauthorized charges in this hacking episode. But it’s safe to follow the procedures outlined above even where the thieves attack not you but the bank or card company’s system. For example, a court in Maine has said a bank was not liable for $300,000 in unauthorized transfers from a customer’s account. The customer ate that. This is so even though the thieves exploited the bank’s systems, and not the customers’. So watch those online statements. You’d rather nip the fraud early than have to prove the bank was negligent later on.

So if your bank or other online service is hacked:

  • Watch your account! It’s smart to check your account online frequently for any suspicious activity anyway. For sure you should check your monthly paper statement promptly if you still get them
  • Use different credentials/passwords for all your online accounts. This will limit the collateral damage if one account is hacked. Plus you won’t have to change all your credentials every time any single account is hacked.
  • Be alert for suspicious offers. The data ripped from hacked accounts will be used more than once and even sold to others. It will be used for phishing and other types of scams.

Related Apps for Your Smartphone*

Budget – Track your spending and keep to a budget on the fly. $.99
Invoice Robot – Create and send invoices from your mobile device. $1.99
My Loan Calculator – Evaluate fixed-rate consumer and student loans, credit card debt. $1.99

*Please note that these apps are for informational purposes only, and neither LexisNexis nor endorses these apps or accepts liability for their use.

Related Links: