Intuit's Mint.com, a personal financial management website that aggregates transaction data from multiple accounts, is scanning its data to identify and alert possible victims of the massive Target Corp. data breach.
The breach affected about 40 million credit and debit card users who made purchases at Target during the height of the holiday shopping season. Mint emailed alerts to its users Dec. 26 if it spotted any spending at Target during that period.
Mint's notice fills a void for many consumers awaiting feedback from their bank or credit union in the wake of the Target breach. Financial institutions have been sharply divided on how to respond JPMorgan Chase placed spending limits on affected cards but did not proactively cancel them, whereas Golden 1 Credit Union chose to reissue all affected cards at a cost of up to $350,000.
"You used your debit or credit card at Target in the last 30 days," Mint's email alert says. "As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores for cards used between 11/27 - 12/15. Even if you shopped at Target during this time frame, it doesn't mean you are a victim of fraud. In fact, in other similar situations, there are typically low levels of actual fraud."
The email concludes with a link to Target's website to provide more information about the breach.
Personal financial management sites do not typically serve as proactive fraud alert systems, but Mint has played this role before. In 2009, a bogus merchant called Adele Services of Melville, N.Y., was making unauthorized 25-cent charges to millions of consumer accounts.
After Adele was exposed, Mint checked its customers' accounts and found that 800 of its users had accounts with suspect Adele transactions.
The incident inspired Mint to start scanning accounts on an ongoing basis to alert consumers of avoidable expenses such as ATM fees.