Equifax Data Breach

Equifax, America's largest credit reporting agency, reported an enormous data breach on Thursday, Sept. 7. More than 143 million Americans could be impacted by this situation. Stolen data included names, addresses, birth dates, Social Security numbers, and, in some cases, driver's license numbers. In short - everything to make an identity thief happy.

The good news? There are many steps you can take to reduce the chance of being impacted by this breach. In light of your individual situation, please consider the information below and make a plan. Data hacks and fraud will continue to be with us, so it's a good idea to be aware of these steps.  This is a really long article, so grab a a cup of coffee.

Free Things You Can Do to Protect Against Fraud

  1. Frequently monitor all your credit union accounts. Daily is recommended if possible. Use any of our free apps or free online banking to handle this task.
  2. Open and review all monthly statements from financial institutions and credit card companies. Verify each transaction.
  3. Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach. This is worth repeating - Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach.
  4. Determine if you were affected by the Equifax breach. Equifax has set up a dedicated site where you can check on this.  You will be asked for your last name and the final six digits of your Social Security number. For those preferring to use the phone, the Equifax toll-free call center number is 866-447-7559.
  5. Equifax is offering free credit monitoring for a year to all Americans – not just those affected by the breach. You can sign up at the website mentioned above. That being said, this agency was just massively hacked. They may not be the best choice to be in charge of credit monitoring. The zero price tag is about the only positive here. (Information about similar paid services can be found in the section below.)
  6. Pull your credit report. This can be done free three times a year at annualcreditreport.com.  Along the virtual road, they will try to sell you helpful items such as your credit score and credit monitoring. It is not necessary to purchase any of these to get your credit report.
  7. If you find discrepancies on your report, learn how to correctly dispute them using this article from the Federal Trade Commission.  
  8. Download ATFCU's free MobiMoney app from either the App store or Google Play. This app can provide you with complete control of your ATFCU debit card. You can turn the card on and off and you can customize limitations for various types and locations of merchants. In fact, it can get way too complicated. We recommend that the only control you use is the one that sends you an alert every time your card number is used.
  9. If you have used identical passwords on several internet sites, change them. Once a thief identifies a working password, he'll try it on every site you may have ever visited.
  10. While we're on the topic of passwords – don't ever, ever give your digital banking credentials to another person or company. Relationships end, misunderstandings happen, situations arise.  Don't share that information.
  11. If you have not already done so, now would be a good time to place a verification code on your membership. This code is employed when an individual uses a phone call to request personal financial information.
  12. Finally, don't let your guard down – criminals will often lie low when a date breach is being publicized; then strike many months later.

More Expensive Things You Can Do to Protect Against Fraud

  1. Sign up for a paid credit monitoring service such as LifeLock or ID Shield or one of many others that do the same thing.  The other two credit bureaus - Trans Union and Experian - are also in this business. Check their websites for current pricing.
  2. Put a credit freeze on your accounts at the three credit reporting agencies – Experian, Trans Union, and Equifax. A credit freeze means that a lender cannot pull a credit report unless you specifically approve it. Because of that limitation, thieves cannot use your information to open new accounts.

What ATFCU is Doing to Protect Our Members Accounts

  1. Vantiv, our card processing processor, has a robust fraud-detection system to identify unusual use of your debit and/or credit cards. They look for out of area transactions, unusual patterns of use, uncharacteristically large amounts, and a number of other parameters. Members will be contacted directly by Vantiv if there is a questionable transaction.
  2. Regarding digital banking, we employ a system named Guardian Analytics that searches for abnormalities in how an account is used. For example, if a member always signs in using an IP address located in Abilene; we would be notified if someone was trying to sign into their account using an IP address in Russia. Other differences are similarly researched based upon a member’s digital banking history. In these cases, a representative from ATFCU's Member Information Center will contact the member.
  3. Our digital banking program is the most updated and secure available in the marketplace.
  4. We added an extra layer of security to incoming phone calls earlier this year. In order to verify the caller's identity, anyone requesting personal financial information will be asked for their personal verification code or must answer several questions about their ATFCU accounts.

Member Security & Inbound Phone Calls

The first priority at ATFCU is protecting our members' funds and their personal financial information. In recent months we have become concerned about emerging fraud patterns associated with incoming phone calls. The continuing data breaches of retailers and internet browsers means that information such as mother's maiden name, birth date, and Social Security number are not as confidential as they once were.  Bottom line - fraudsters can use this information to misrepresent themselves on the phone. 

ATFCU has taken the next step forward to secure member data. Each member and join owner is now being asked to establish an individual verification code that will be used to validate your identity on incoming phone calls. This code is separate from any passwords currently on your account.  Please use the following parameters to compose your verification code:

To establish your code, please visit the teller windows at any branch or call our Member Information Center at 677-2274 (toll free 800-677-6770).

Should you forget your verification code, or decline to establish one, your identity will be verified by a series of questions about your account(s) and/or membership.  Of course, no code will ever be needed for face-to-face transactions at ATFCU branches!  Thank you for your cooperation.

  1. Vantiv, our card processing processor, has a robust fraud-detection system to identify unusual use of your debit and/or credit cards. They look for out of area transactions, unusual patterns of use, uncharacteristically large amounts, and a number of other parameters. Members will be contacted directly by Vantiv if there is a questionable transaction.
  2. Regarding digital banking, we employ a system named Guardian Analytics that searches for abnormalities in how an account is used. For example, if a member always signs in using an IP address located in Abilene; we would be notified if someone was trying to sign into their account using an IP address in Russia. Other differences are similarly researched based upon a member’s digital banking history. In these cases, a representative from ATFCU’s Member Information Center will contact the member.
  3. Our digital banking program is the most updated and secure available in the marketplace.
  4. We added an extra layer of security to incoming phone calls earlier this year. In order to verify the caller’s identity, anyone requesting personal financial information will be asked for their personal verification code or must answer several questions about their ATFCU accounts.
    1. Frequently monitor all your credit union accounts. Daily is recommended if possible. Use any of our free apps or free online banking to handle this task.
    2. Open and review all monthly statements from financial institutions and credit card companies. Verify each transaction.
    3. Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach. This is worth repeating - Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach.
    4. Determine if you were affected by the Equifax breach. Equifax has set up a site where you can check on this. Navigate to www.equifaxsecurity2017.com where you will be asked for your last name and the final six digits of your Social Security number. For those preferring to use the phone, the Equifax toll-free call center number is 866-447-7559.
    5. Equifax is offering free credit monitoring for a year to all Americans – not just those affected by the breach. You can sign up at the website shown above. That being said, this agency was just massively hacked. They may not be the best to be in charge of credit monitoring. The zero price tag is a positive. (Similar paid services can be found in the section below.)
    6. Pull your credit report. This can be done free three times a year at www.annualcreditreport.com . Along the road, they will try to sell you helpful items such as your credit score and credit monitoring. It is not necessary to choose any of these to get your credit report.
    7. If you find discrepancies on your report, learn how to correctly dispute them using this article from the Federal Trade Commission: https://www.consumer.ftc.gov/articles/0151-disputing-errors-credit-reports
    8. Download the free MobiMoney app from either the App store or Google Play. This app can provide you with complete control of your ATFCU debit card. You can turn the card on and off and you can customize limitations for various types and locations of merchants. In fact, it can get way too complicated. We recommend that the only control you use is the one that will send you an alert every time your card number is used.
    9. If you have used identical passwords on several internet sites, (and we all have) change them. Once a thief identifies a working password, he'll try it on every site you may have ever visited.
    10. While we’re on the topic of passwords – don't ever, ever give your digital banking credentials to another person or company. Relationships end, misunderstandings happen, situations arise. Don't share that information.
    11. If you have not already done so, now would be a good time to place a verification code on your membership. This code is employed when an individual makes a phone call to the credit union and requests personal financial information.
    12. Finally, don’t let your guard down – criminals will often lie low when a date breach is being publicized; then strike many months later.
      1. Frequently monitor all your credit union accounts. Daily is recommended if possible. Use any of our free apps or free online banking to handle this task.
      2. Open and review all monthly statements from financial institutions and credit card companies. Verify each transaction.
      3. Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach. This is worth repeating - Do NOT click links in unsolicited emails that claim to be from Equifax or a partner company helping them clean up the data breach.
      4. Determine if you were affected by the Equifax breach. Equifax has set up a site where you can check on this. Navigate to www.equifaxsecurity2017.com where you will be asked for your last name and the final six digits of your Social Security number. For those preferring to use the phone, the Equifax toll-free call center number is 866-447-7559.
      5. Equifax is offering free credit monitoring for a year to all Americans – not just those affected by the breach. You can sign up at the website shown above. That being said, this agency was just massively hacked. They may not be the best to be in charge of credit monitoring. However, the zero price tag is a positive. (Similar paid services can be found in the section below.)
      6. Pull your credit report. This can be done free three times a year by using the following site www.annualcreditreport.com . Along the road, they will try to sell you helpful items such as your credit score and credit monitoring. It is not necessary to choose any of these to get your credit report.
      7. If you find discrepancies on your report, learn how to correctly dispute them using this article from the Federal Trade Commission: https://www.consumer.ftc.gov/articles/0151-disputing-errors-credit-reports
      8. Download the free MobiMoney app from either the App store or Google Play. This app can provide you with complete control of your ATFCU debit card. You can turn the card on and off and you can customize limitations for various types and locations of merchants. In fact, it can get way too complicated. We recommend that the only control you use is the one that will send you an alert every time your card number is used.
      9. If you have used identical passwords on several internet sites (and we all have), change them. Once a thief identifies a working password, he’ll try it on every site you may have ever visited.
      10. While we’re on the topic of passwords – don’t ever, ever give your digital banking credentials to another person or company. Relationships end, misunderstandings happen, situations arise. Don’t share that information.
      11. If you have not already done so, now would be a good time to place a verification code on your membership. This code is employed when an individual uses a phone call to request personal financial information.
      12. Finally, don’t let your guard down – criminals will often lie low when a date breach is being publicized; then strike many months later.
        • Codes consist of 4 to 18 alpha-numeric characters
        • Codes should be in English
        • Codes must be easily pronounceable
        • Codes cannot be obscene or profane
      13.  

        Newsletters

        Stay up to date on the latest credit union happenings. Use the links below to view our most recent newsletters.

        April 2017 Newsletter - K9 Officer for APD, Scholarships Available, Annual Meeting

        January 2017 Newsletter – Member Verification, Health Savings Accounts, Turbo Tax

        October 2016 Newsletter –Member to Member Transfers, Skip-A-Pay, Scholarship Recipients

        July 2016 Newsletter - Call Center Staff, Lower Vehicle Loan Rates, Discount Tickets