The recent Target security breach has drawn a great deal of attention to the security measures used by retailers to protect consumers’ financial information from hackers. However, not all identity thefts involve complex hacking schemes; sometimes, all the necessary information can be found right on a paper receipt. If a retailer fails to redact a credit card number, any person who finds the receipt might be able to utilize the card. Thanks to the Fair and Accurate Credit Transactions Act (“FACTA”), most consumers can rest assured that their financial information is safe. FACTA instructs anyone who accepts credit or debit cards for business purposes not to display more than 5 digits of the card number on any electronically printed receipt. FACTA also prohibits retailers from printing any portion of the expiration date on the receipt. While the rule does not apply to non-electronic receipts (such as when it is necessary to make an imprint of your card), this requirement covers the vast majority of today’s debit and credit transactions. Consumers should always check their receipts to make sure that the retailer has redacted in accordance with the requirements of FACTA. Any retailer who fails to comply may be liable for a consumer’s damages (including credit harm from resulting identity theft), attorney’s fees, and, if a court determines that the retailer’s conduct was “willful” (that they acted intentionally, or that they purposefully ignored the law), they may also be liable for statutory damages of up to $1,000. If you believe that you are a victim of identity theft, you should check your credit report right away and dispute the charges with the creditor and the consumer reporting agency.