The Equifax Breach – A Comprehensive Guide Part 2

There’s been a lot of news about the Equifax breach recently. We put together a guide to help our members understand what happened, and how to protect your information.

Our CEO Robert Blumberg has written a letter on the steps we are taking to ensure our members are protected. You can find the letter at https://waunafcu.org/blog/robert_blumberg_letter/. 

Who is Equifax?

Equifax Logo

Equifax is a consumer reporting agency and one of the three largest credit bureaus in the nation. These bureaus retain the aggregate credit information of some 800 million American and Canadian citizens, including more than 88 million businesses internationally.

Why would they have my sensitive information?

Credit card companies, banks, credit unions, retailers, auto lenders, and mortgage lenders all report details of your credit activity to credit reporting agencies. Whenever you open an account extending credit, that company or entity reports to these bureaus.

What happened?

In May of 2017, hackers trolling the internet discovered an Equifax server using outdated Apache software vulnerable to attack.

What was stolen and how many were compromised?

Social Security numbers, birth-dates, addresses, names, driver’s license numbers, credit card numbers, and other documents. This breach is affecting more than 143 million US-based users.

Have I been breached?

Many of our members are wondering if they are affected, and if so what to do. The FTC has provided some guidance, but we have included some main steps below. If you do find that you were included, don’t worry, but protect yourself and take advantage of the Equifax services for those whose information was made available.

What do I do?

Guarding your personal information is a huge priority for Wauna Credit Union. By using advanced fraud-monitoring technology, our committed staff is watching your accounts. Although in the wake of the Equifax breach, thieves may be more prevalent in their attempts to steal your information. They might try one or many of the following:

  • Fraudsters are sourcing phone numbers to contact the Credit Union (caller IDs are displaying member’s actual phone number).
  • Impostors are saying they are members. They are providing accurate information when we ask questions to ID them.
  • Placing fake travel notifications. Fraudsters are then using cards outside of our members’ normal usage areas.

We understand how overwhelming identity theft can be. But there are ways to protect yourself, including steps you can take right now.

1. First of all, finding out if your data has been exposed is where you need to start. You can do this by entering your last name and the last six digits of your Social Security number at Equifax’s website*.
*As of 09/29/2017 this service has been listed as “temporarily unavailable”. Continue to check regularly as Equifax catches up to mass inquiries.

2. Whether or not you’ve been compromised, U.S. Equifax consumers are eligible for year of free credit monitoring and other services**. The site has provided a date when you can come back to enroll.
**Equifax has confirmed people who enroll in the credit monitoring program as a result of the breach would not waive their right to class action.

3. Using strong passwords is helpful. Also important is being aware of the information you provide when transferring secure information.

4. Reviewing your free credit reports is essential. Get started here.

5. Monitoring your accounts for unusual activity is key! Accounts on your credit reports that you didn’t open, or credit inquiries from entities you’ve never contacted are red flags. If you find evidence of fraud, let us and/or the appropriate financial institution know right away.

6. Open a “My Social Security account”, preventing bad guys from creating accounts in your name.

7. In addition, consider placing a credit freeze. Placing a credit freeze makes it more difficult for a thief to open an account in your name. A credit freeze will not stop a thief from changing your accounts.

8. Setting a fraud alert. This requires creditors to verify your identity before issuing a credit card, opening a new account, or increasing a credit limit on an existing account. A fraud alert will not stop a lender from opening credit in your name. Yet it does require lenders to take additional steps in verifying your identity. Better to be safe than sorry.

9. In the event that your identity has been compromised, file an identity theft report with the Federal Trade Commission (FTC) at identitytheft.gov or by phone at 1-877-438-4338.

10. Because of increasing attacks, some people are theorizing that we will see an increase in tax return fraud. If possible, file taxes early this year.

Also, be vigilant in watching accounts you have outside of the Credit Union and don’t click on suspicious links or open attachments. Additionally, do not respond to emails, text messages, or phone calls that are soliciting your information — no matter who the caller is claiming to be.

In the meantime, Wauna Credit Union is working around the clock to safeguard your finances. We are here to answer questions and address concerns.

For a list of FAQs regarding the breach, please visit https://goo.gl/tGWzP2, and as always, we are here if you have questions or concerns you wish to discuss.

A Letter from CEO Robert Blumberg on Data Security

In the wake of the Equifax breach, fraudsters may be even more prevalent in their attempts to steal your information. While this can be a very scary and unsure time, there are ways to protect yourself against potential fraud, including steps you can take right now.

Our staff is well-trained in sniffing out potential thieves and we are dedicated to the security of your finances, but you too need to be vigilant in protecting yourself and any other accounts you may have outside of the Credit Union.

Don’t click on web-links if they appear suspicious; don’t open attachments; and don’t respond to emails, text messages, or phone calls that are asking for your information — regardless of who the caller or sender is claiming to be.

Monitor your transactions daily and report irregular activity to us or to the card issuer, which you can do by dialing the 800 number on the back of your card. Update your code word, ensure we have your driver’s license on file, and change your passwords and PIN numbers. We also urge you to leverage the security alert services that Wauna Credit Union offers. Learn more by visiting our website at www.waunafcu.org.

In the meantime, rest assured that we are working around the clock to safeguard your personal information, and are here to answer any questions or concerns you may have.

Sincerely,

Robert Blumberg Signature

Robert Blumberg
CEO & President
Wauna Credit Union

The Equifax Breach: Your Comprehensive Guide.

UPDATE: In light of the Equifax breach and the fraud attempts on our members’ Credit Cards, ACH payments over $500 will have a 6 day hold placed before the funds will be made available to the member. Unfortunately there is not a way to narrow the ACH to just Telephone Payments, so it does apply to all ACH payments (web, recurring, etc). There also is not a way to exclude our routing number, so it will also apply to payments drawn on Wauna Credit Union Accounts.

There’s been a lot of news about the Equifax breach recently. We put together a guide to help our members understand what happened, and what the steps are to protect your information.

Who is Equifax?

Equifax is a consumer reporting agency and one of the three largest credit bureaus in the nation that retain the aggregate credit information of some 800 million American and Canadian citizens, including more than 88 million businesses internationally.

Why would they have my sensitive information?

Credit card companies, banks, credit unions, retailers, auto lenders, and mortgage lenders all report this information and the details of your credit activity to the major credit reporting agencies. Every time you open an account, which extends you credit, that company or entity reports the status of your account/s to these bureaus.

What happened?

In May of 2017, hackers trolling the internet for computer systems containing an exposed security flaw, discovered an Equifax server using outdated Apache software vulnerable to such an attack.

What was stolen and how many were compromised?

Social Security numbers, birth-dates, addresses, names, and in some cases, driver’s license numbers, credit card numbers, and other documents, are among the data stolen in a breach that has affected more than 143 million US-based users.

Have I been breached?

Many of our members are wondering if they are affected, and if so what to do. The FTC has provided some guidance, but we have included some main steps below. If you do find that you were included, don’t worry, but protect yourself and take advantage of the Equifax services for those whose information was made available.

What do I do?

Guarding your personal information is a huge priority for Wauna Credit Union, and by using advanced fraud-monitoring technology and services, our committed staff is persistently watching your accounts for suspicious activity. In the wake of the Equifax breach, thieves may be even more prevalent in their attempts to steal your information. They might try one or many of the following in order to access your accounts:

  • Fraudsters may use spoofed phone numbers to contact the Credit Union (caller IDs may show member’s actual phone number).
  • Suspicious callers are stating they are members, having all the accurate information needed, including name, DOB, DL #s, addresses, transaction history on cards, and traditional info we might ask a person over the phone to ID them.
  • Attempts are being made to place travel notifications so fraudsters can use the cards outside of our members’ normal usage areas.

We understand how overwhelming the thought of identity theft might be, but there are ways to protect yourself against fraud, including steps you can take right now.

1. The best and first place to start is finding out if your data has been exposed. You can do this by entering your last name and the last six digits of your Social Security number at Equifax’s website. The site will tell you if you’ve been affected by the data breach*.
*As of 09/29/2017 this service has been listed as “temporarily unavailable”. Continue to check regularly as Equifax catches up to mass inquiries.

2. Whether or not you’ve been compromised, U.S. Equifax consumers are eligible for year of free credit monitoring and other services**. The site has provided a date when you can come back to enroll.
**Equifax has confirmed people who enroll in the credit monitoring program as a result of the breach would not waive their right to class action.

3. Use strong passwords and always be aware of the information you provide when opening an account, conducting a transaction, or anywhere you might be transferring secure information.

4. Review your free credit reports. You are entitled to a free credit report every 12 months from each of the three major consumer reporting companies (Equifax, Experian and TransUnion). Get started here.

5. Take the time to monitor your accounts for unusual activity! Accounts on your credit reports that you didn’t open, inaccurate information, or credit inquiries from entities you’ve never contacted are all potential red flags that require immediate attention. If you find evidence of fraud, let us, the appropriate financial institution, and/or the credit reporting bureau know immediately.

6. Open a my Social Security account, which will prevent the bad guys from creating an account in your name, even if they’ve made off with your Social Security number.

7. Consider placing a credit freeze. Placing a credit freeze makes it more difficult for a thief to open a new account in your name. FYI, however, a credit freeze will not prevent a thief from making changes to your existing accounts.

8. Set a fraud alert, which requires creditors to verify your identity before issuing a credit card, opening a new account, or increasing a credit limit on an existing account. A fraud alert will not stop a lender from opening credit in your name, but it does require lenders to take additional steps to verify your identity beforehand. Better to be safe than sorry.

9. If you discover your identity has been compromised, you should file an identity theft report with the Federal Trade Commission (FTC) at identitytheft.gov or by phone at 1-877-438-4338.

10. Due to the increased amount of information available, some people are theorizing that we will see an increase in tax return fraud, so if possible do your taxes as early as possible this year.

Our staff is well-trained in sniffing out potential thieves, but we also need you to be vigilant in watching any accounts you may have outside of the Credit Union. Further, don’t click on suspicious links, don’t open attachments, and don’t respond to emails, text messages, or phone calls that are soliciting your information — no matter who the caller or sender is claiming to be.

In the meantime, rest assured that Wauna Credit Union is working around the clock to safeguard your finances, and we are here to answer any questions or concerns you might have.

For a list of FAQs regarding the breach, please visit https://goo.gl/tGWzP2, and as always, we are here if you have questions or concerns you wish to discuss.