Equifax Data Breach Settlement Information

The Federal Trade Commission (FTC) has information that will help credit unions and their members file a claim to collect benefits under a settlement that the FTC and others reached with Equifax. It is estimated that roughly half the country is eligible to make a claim against the settlement. Now, you can now find out if you were affected by the September 2017 breach and make your claim for benefits.

Start at ftc.gov/Equifax. There, you can use a tool to find out if your information – like your Social Security number (SSN) – was exposed in the breach, learn about benefits, and start your claim to get free credit monitoring and maybe even cash. If your info was exposed in the breach, the settlement will give you up to 10 years of free credit monitoring. That means you’ll get an alert whenever somebody checks your credit history, opens a new loan or credit card in your name, or says a payment is late. So, if somebody has, say, your SSN and tries to use it to get a loan, this free credit monitoring service would let you know right away. That’s the kind of information that might make a real difference when you apply for a job, try to rent an apartment, or apply for credit.

Check out ftc.gov/Equifax to learn more and be sure to file your claim by January 22, 2020.

I. What Happened

On July 29, 2017, Equifax discovered that criminals exploited a U.S. website application vulnerability to gain access to certain files. Upon discovery, we acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

II. What Information Was Involved

Most of the consumer information accessed includes names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 consumers and certain dispute documents, which included personal identifying information, for approximately 182,000 consumers were accessed. In addition to this site, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. We have found no evidence of unauthorized access to Equifax’s core consumer or commercial credit reporting databases.

Identity Theft Prevention Tips

We recommend that you remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring your credit reports. You may obtain a free copy of your credit report from each company listed below once every 12 months by requesting your report online at www.annualcreditreport.com, calling toll-free 1-877-322-8228, or mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report by contacting any of the credit reporting agencies below:

Equifax
PO Box 740241
Atlanta, GA 30374
www.equifax.com
888-766-0008

Experian
PO Box 9554
Allen, TX 75013
www.experian.com
888-397-3742

TransUnion
PO Box 2000
Chester, PA 19016
www.transunion.com
800-680-7289

If you believe you are the victim of identity theft, you should contact the proper law enforcement authorities, including local law enforcement, and you should consider contacting your state attorney general and/or the Federal Trade Commission (“FTC”). You also may contact the FTC to obtain additional information about avoiding identity theft.

Federal Trade Commission, Consumer Response Center
600 Pennsylvania Avenue NW, Washington, DC 20580; 1-877-IDTHEFT (438-4338)
www.ftc.gov/idtheft

Tips for Protecting your Information

We would like to remind you of the value of taking good security precautions. It is a good idea to develop strong and secure online passwords and to change them frequently. Below are a few tips for good password practices.

• Include numbers, symbols and letters.
• Use a combination of capital and lowercase letters.
• Do not use the same password across multiple sites.
• Do not store important passwords, such as your home banking password, in your email account.
• Monitor your accounts regularly for suspicious activity.

Report Suspicious E-mails

Internet scams are nothing new, and as more of us conduct our business online, we’re also becoming more business savvy in spotting suspicious e-mails. Unfortunately, the Internet scammers are becoming more sophisticated in their tactics, for example, creating fake websites which appear to be legitimate, but are actually designed to lure unsuspecting users into providing confidential information.

How the “PHISHERS” Lure You

Phishing (pronounced “Fishing”) is an online fraud technique used by criminals to entice you into to disclosing your personal information. One of the most common – and successful – techniques is to send you fake messages that mimic valid messages or websites from a company you trust, such as your financial institution, a credit card company, government agency, or online shopping site. The logos and the links all look correct.

Asking For Personal Information

Usually, the messages open by reporting a problem with your account, and will ask you to verify the following information:

• Name and online user name
• Address and phone number
• Social Security Number
• Account password or PIN
• Account number
• ATM/debit or credit card number
• Credit card validation code, (CVC). This is the code credit card companies use to authorize credit charges. American Express uses a 4-digit CVC number which appears on the front of your card, while Visa, MasterCard and Discover all use a three-digit number that is on the back.

Providing any of this information is the online equivalent of giving criminals the keys to your house. They can empty your financial accounts, run up charges on your credit cards or open fraudulent credit card accounts in your name. And it can take years to repair the damage to your financial integrity.

Suspicion = Protection

Be suspicious of e-mails that ask for personal information, and be alert to other common scams such as foreign lotteries, requests to transfer funds from overseas bank accounts and work-from-home opportunities.

• Delete any e-mail you don’t trust – even opening a “phishing” e-mail can plant a virus or spyware on your PC.
• Never send confidential information by e-mail. If you think you have been scammed and your confidential information compromised, contact your credit card companies and financial institutions immediately. Report it to the Federal Trade Commission . And contact all three credit reporting bureaus to have alerts placed on your credit reports.

• Equifax: equifax.com | 888.766.0008
• Experian: experian.com | 888.397.3742
• TransUnion: transunion.com | 888.909.8872

Remember, neither Motion nor any legitimate business will ever send you an e-mail asking for personal information. If you receive an e-mail that you’re suspicious of, don’t respond to it.

10 Ways to Protect Against Debit Card Fraud

1. Update your contact information with your financial institution. Your Credit Union can’t ask you about a suspicious charge unless it has your current phone number.

2. Copy the customer service phone number from the back of each of your debit or credit cards and keep this list in a separate location from your purse or wallet in case a thief steals the latter.

3. Let your financial institution and card issuers know your travel dates and destination. If your card gets swiped at an unusual location, the card issuer may decline the suspicious transaction.

4. Look out for ATMs that appear to be dirty or in disrepair. A fake machine may be set up to capture your card information.

5. Do not use ATMs with unusual signage, such as a command to enter your PIN twice to complete a transaction.

6. Watch out for ATMs that appear to have been altered. If anything on the front of the machine looks crooked, loose or damaged, it could be a sign that someone attached a skimming device.

7. Avoid using the ATM if suspicious individuals are standing nearby. Criminals may try to distract you as you use the machine to steal your cash, or watch as you type in your PIN.

8. Be aware that if your card gets stuck in the machine and someone approaches to help, it may be a scam. A criminal may be trying to watch as you enter your PIN code.

9. If your card gets stuck in the machine, call your financial institution promptly to report the incident.

10. As you key in your PIN, cover the keypad with your other hand to block anyone, or a camera, from viewing the numbers you type.

Important Note: Remember to check your balance on a regular basis. Federal law doesn’t protect debit cards to the same degree as credit cards when it comes to fraud. If you notify the bank within two days of discovering the card was lost or stolen, your loss is limited to $50. After two days, this amount jumps to $500, and after 60 days of receiving the statement with the fraudulent charges, your loss may be unlimited.

You can download a PDF of these 10 tips here.