The Target Security Breach – What it means for you?

Target Security Breach

The Target Security Breach – What it means for you?

The recent Target security breach compromised the personal and financial data of nearly 40 million Americans and according to John Fox, founder of the marketing firm Venture Marketing, that is just the tip of the iceberg. Names, credit card numbers, social security numbers, home addresses, and e-mail addresses have been exposed in hundreds, possibly thousands, of security breaches targeting major corporations and advertising and marketing agencies such as JPMorgan Chase & Co, Citigroup, Capital One, Kroger Best Buy, and Marriott.  It is estimated that these breaches have affected 1 in 3 adults – just in the United States. So what do these data security breaches mean for you, as a paralegal? Well, it might mean that you need to learn more about internet security, but it could also mean new job responsibilities and opportunities.

New Job Responsibilities

As technology becomes more and more commonplace, so does junk and spam e-mail, pyramid schemes, internet scams designed to steal people’s money, credit card fraud, and identity theft. This means that we should all educate ourselves and take active steps to protect our private and financial information, which is where a pro-active paralegal can step in, creating new job responsibilities for yourself, and opening your firm up to a whole new area of client services that not very many companies are providing. Here is how to do just that!

1. Educate yourself about internet security and privacy. Learn how to recognize scams, keep your information secure, and minimize the risk of identity theft. Some great places to start reading and learning include:

  • The U.S. Financial Fraud Enforcement Task Force’s website,

2. Develop a plan for assisting clients who have been a victim of a security breach. A good client protection plan will include:

  • Cancelling credit and debit cards. The first step after falling victim to a security breach is to cancel all credit and debit cards, having each re-issued with new numbers. This can be done by calling the number on the back of the card. If a client is no longer in possession of his or her card, you can look up the number to call using your favorite search engine to find the issuing bank’s website.
  • Obtaining copies of current credit reports. Once all credit and debit cards have been cancelled, you will want to obtain a copy of the client’s credit report to review for any suspicious or unauthorized activity. Consumers are allowed to obtain one free report from each of the three major credit reporting agencies every twelve months by visiting Once you have obtained a report, you will want to review it with your client for new accounts that may be a result of fraud or a stolen identity.
  • Drafting letters to the credit reporting agencies. Client’s who have been the victim of a security breach or identity theft may need assistance contacting each of the credit reporting agencies about fraudulent charges and/or accounts listed on their credit report. You can find a form letter to use on the FTC’s website here.
  • Placing fraud alerts. If a client has had his or her social security number and/or identity stolen, you will want to help them put a fraud alert with all three nationally recognized credit reporting agencies, so that no new credit accounts can be opened without the company verifying the identity of the person attempting to obtain credit. For more information and complete instructions, see the FTC’s Place a Fraud Alert webpage.
  • Resolving disputes with issuing banks. A victim of a security breach may need assistance getting new accounts opened in his or her name closed or fraudulent charges on existing accounts removed. The FTC provides form letters for such requests here.
  • Filing fraud and identity theft complaints. The FTC provides an affidavit that can be used to prove to each company with whom a thief opened an account or made fraudulent charges that the victim is not responsible for the accounts and/or charges. Most companies will accept this form, but others may require additional information or use of their own forms. Download the Identity Theft Victim’s Complaint and Affidavit.
  • Obtaining copies of the documents used by the identity thief. When a thief opens fraudulent accounts in a victim’s name, the victim is entitled by law to copies of any documents used by the thief in opening and/or using the account.  The FTC provides a form letter you can use to request the documents. Along with this completed letter, you should enclose an Identity Theft Victim’s Complaint and Affidavit a copy of Section 609(e) of the Fair Credit Reporting Act, and proof of your client’s identity, such as a photocopy of his or her state issued identification.
  • Stopping collection attempts. Victims of fraud and identity theft can sometimes find themselves being harassed by collection calls and letters attempting to collect on a fraudulent account opened by a thief. You can help them get these collection attempts to stop by writing to the company who is trying to collect. The FTC provides a form letter for this, and suggests that you include with the letter,  Identity Theft Victim’s Complaint and Affidavit a copy of its Notice to Furnishers of Information.

3. Talk to your supervisor about your client protection plan.  Ask how the firm might be able to incorporate your client plan into its existing client services.

New Opportunities

If you are a freelance paralegal or thinking of becoming one, you  might want to consider offering fraud and identity theft services as a way of bringing in a whole new client base. Just following the steps above to educate yourself about internet security and privacy and create a client protection plan, then begin advertising your new service. You might also want to consider additional consumer help services such as:

  • Assisting client’s who have been the victim of an internet or phone scam file complaints with and notify the proper agencies
  • Filling complaints with the Better Business Bureau, Secretary of State, and other consumer protection and government agencies

Because these services are all administrative type services, they are generally not likely to cross into the realm of practicing law. Therefore, as long as you are mindful of what can be considered the unauthorized practice of law in your state, you should be able to offer these consumer protection services directly to members of the public without issue.

None found at this time.
About Shelley Riseden

Shelley M. Riseden is a freelance paralegal providing research, document preparation, and writing services to both attorneys and non-attorneys. She is an expert at conducting legal research and has a natural ability to grasp complex legal issues.Phone: 765.667.5139, E-mail: or, Skype: shelley.riseden, Yahoo: Virtually_Legal

Speak Your Mind


You might also likeclose
Real Time Web Analytics