recent breachesBy this point, holiday shoppers are well aware of the dangers that lurk online as well as in the various stores and restaurants they visit this time of year when it comes to fraud. In case you’ve forgotten, perhaps news of two data breaches that was broken by cybersecurity blogger Brian Krebs this week will serve as a reminder. These recent breaches involve Safeway grocery stores as well as Landry’s Inc., a company that manages multiple well-known restaurants across the country. Although data breaches might seem like old news at this point, it’s important for consumers to pay attention to the details of each one that pops up — especially if there’s a chance you could be impacted. We’ve outlined the important information you need to know, along with some tips for protecting yourself from card fraud and other acts of identity theft this holiday season.

Point-of-sale devices were the target in both recent breaches

In the case of Safeway, skimmers were found attached to credit card machines in three Denver, Colorado stores as well as at least two stores in the San Francisco Bay Area, California. According to Safeway spokespeople, their point-of-sale systems are routinely inspected to check for card skimmers or other tampering. When the intrusions were discovered in November, the company acted immediately and was able to use surveillance to determine when the skimmers were installed as well as how many customer transactions had been performed during that time period. Krebs, who first reported on the matter, has cited information from numerous banking sources that points to multiple attacks on stores in Colorado and California — although Safeway has responded with claims that Bay Area customers’ information was not compromised.

Landry’s, Inc., which operates many well-known chain restaurants across the country such as Bubba Gump Shrimp and Claim Jumper, announced Dec. 17 in a press release that it is investigating reports of unauthorized charges on payment cards used in some of its restaurants. At this time, it is unknown how many locations were affected, but customers can check the Landry’s website for a list of the various restaurants and other establishments it operates to determine whether they might have been exposed. If you believe you may have been the victim of card fraud after visiting a Landry’s location, you are urged to contact your financial institution as soon as possible to dispute the charges. According to Krebs’ sources, the problem appears to have begun in May 2015 and might still be occurring at some Landry’s restaurants.

Why do scammers target point-of-sale devices?

Especially in the case of self-checkout lanes at grocery stores, ATMs and gas pumps, these systems are often left unattended for periods of time during which a criminal can easily install skimming hardware without anyone realizing it. As we detailed in our lengthy post on skimmers earlier this year, this technology has grown more and more sophisticated over time, with criminals adapting their tools and tactics to make it more and more difficult for customers (as well as employees) to tell if a machine has been tampered with. It was thought that much of the data theft that happened during last year’s Home Depot breach was thanks to self-checkout point-of-sale devices that had been altered.

Of course, skimmers aren’t the only way thieves can target point-of-sale devices. Those responsible for large-scale retail attacks like the one that hit Target two holiday seasons ago accessed the company’s systems by hacking in through an unsecured “back door” left open by a third-party vendor. Security in stores and restaurants is, unfortunately, not up to snuff in the U.S. — something that has been proven time and again as company after company has been victimized by fraudsters to the frustration of customers tired of data breach notifications and offers of complimentary credit monitoring.

How can I protect myself as a shopper and diner?

If you are concerned that your information may have been compromised in either of these recent breaches, the first thing you should do is check your payment card statements and look for signs of fraudulent use, such as multiple charges at one location or even purchases you don’t recognize. If you spot any, you should also contact your bank or credit card provider directly to report the fraud. The next thing you can do is be sure to follow any directions offered by the company that lost your information — and pay attention to any new developments. Both of these breaches are still under investigation, so more information will definitely be yet to come.

When it comes to protecting yourself, educating yourself about skimmers and how to check for them is a great start. Additionally, pay attention to when and where you use your credit or debit cards, that way if there is a data breach at a company you’ve used, you’re likely to find out sooner rather than later. It seems as if it’s almost inevitable that somewhere you shop, eat or otherwise use a card is bound to be breached. While that may be true, paying attention to your statements and accounts as well as being observant overall when it comes to using your card can be helpful. If your bank or credit card provider has issued you an EMV chip-enabled card, now’s the time to start using it wherever you can, since these cards can help cut down on fraud. Additionally, using a credit card over a debit card in general can be a good rule of thumb since credit card providers won’t hold you responsible for fraudulent charges (and it’s less damaging to have a criminal rack up a high bill than see your bank account drained).

For more tips and information on data breaches and protecting your security, follow our identity theft protection blog.