Thousands of people who shopped at Target recently will be getting new credit or debit cards, issued by local banks and credit unions in the wake of hackers stealing credit data from about 40 million Target customers.
"People will be receiving new cards for Christmas," said Brad Hunter, senior vice president at Exchange Bank. "Even if they don't ask for it. It's the approach most smaller institutions are taking."
Regional and national banks began employing a variety of precautionary measures after Target said last week that customers' names, card numbers, expiration dates and security codes were believed to be stolen during the data breach. The news came in the midst of the holiday shopping and travel season, so banks had to walk a fine line between protecting customers' accounts and impeding their holidays.
On Monday, Exchange Bank mailed new debit cards to 5,300 customers who shopped at Target over the period the store was hacked, from Nov. 27 to Dec. 15. Hunter described the move as "a precaution."
So far, no customers have reported any losses from the hacking, he said, adding that it could still happen: It may take the thieves a while to make fake credit cards using stolen numbers.
"Target is saying, 'Hey look, someone got into our system and their intent was to steal information.' Whether that base of cards ever finds its way into someone's hands, I'll probably never know because we're shutting down those cards," Hunter said.
Customers may continue to use their old cards until they are deactivated in a few weeks.
Redwood Credit Union also is developing plans to issue new cards said Cynthia Negri, executive vice president in charge of lending.
She said the credit union has not determined how many of its 220,000 members will be getting new cards. She also could not say whether the credit union will be sending out new credit cards, debit cards or both. They will begin sending out the cards sometime after Jan. 1.
She also said no customers have reported being affected by the breach and that the credit union's actions were a precaution. She added that the credit union has been communicating with members and encouraging them to closely monitor their accounts.
"We're monitoring accounts as well," she said.
The spokesperson for Umpqua, a regional bank based out of Portland, Ore., could not be reached for comment Tuesday, but a customer resource center representative said the bank plans to send out roughly 14,000 replacement cards by mid-January and that customers will be able to use their old cards until they get a new one.
National banks also have responded to the breach. Most notably, JPMorgan Chase & Co., the biggest U.S. bank, tightened spending and withdrawal limits on 2 million customers who used debit cards at Target during the shopping season. At first, it set limits at $100 in cash from ATMs and $300 in purchases per day, frustrating some who needed the cards to pay for travel or gifts. To minimize inconvenience to customers, it raised those reduced limits to $250 at ATMs and $1,000 in purchases per day, Chase said on its website Monday.
If affected people need to withdraw more money, they can do so at a bank branch. People with credit cards can continue to use them normally.
"We realize this could not have happened at a more inconvenient time with the holiday season upon us," the bank said on its website. "We are taking these precautions to combat fraud and prevent criminals from using Chase cards."
Bank of America, the biggest U.S. debit-card issuer according to the industry newsletter Nilson Report, and Wells Fargo, the second biggest, have not imposed limits on affected customers.
Bank of America said on its website that it is monitoring customers' accounts.
Wells Fargo is monitoring cardholder accounts but not reissuing cards unless requested by a customer, said Holly Rockwood, a Wells Fargo spokesperson for the Bay Area.
Staff Writer Paul Payne and Bloomberg News contributed to this report.
UPDATED: Please read and follow our commenting policy: