Equifax Cyber Security Attack
on Friday, September 8, 2017
Security & Fraud Information
Northwest Bank is providing you with information shared by the American Bankers Association regarding the Equifax Data Breach.
On Sept. 7, Equifax announced that the records of approximately 143 million Americans were breached between May & July of this year.
- Those records contained names, birth dates, addresses, Social Security numbers and some driver’s license numbers. At this time, it appears hackers did not gain access to full credit reports.
- In addition to the personal information accessed, 209,000 credit card numbers were obtained.
- Equifax has indicated that debit cards were not exposed – therefore criminals are unlikely to have the ability to withdraw funds from a checking account.
- The biggest risk posed by this breach is the threat of identity theft.
Frequently Asked Questions
I’ve been hearing about the Equifax breach in the news. What happened?
Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.
Was my information stolen?
If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: https://www.equifaxsecurity2017.com/. Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public wi-fi) when you submit sensitive data over the internet.
How can I protect myself?
- Enroll in Equifax’s services.
Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at https://www.equifaxsecurity2017.com/.
- Monitor your credit reports.
In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at annualcreditreport.com. You are entitled to one free report from each of the credit bureaus once per year.
- Monitor your bank accounts.
We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.
Watch out for scams related to the breach.
Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.
Should I place a credit freeze on my files?
Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus. A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account.
How do I contact the three major credit bureaus to place a freeze on my files?
Equifax: Call 800-349-9960 or visit its website.
Experian: Call 888-397-3742 or visit its website.
TransUnion: Call 888-909-8872 or visit its website.
Where can I get more information about the Equifax breach?
You can learn more directly from Equifax at https://www.equifaxsecurity2017.com/. You can also learn more by visiting the Federal Trade Commission’s web page on the breach at https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. To learn more about how to protect yourself after a breach, visit https://www.identitytheft.gov/Info-Lost-or-Stolen.
Best Practice Tips:
Be Extra Careful About Emails and Links
- Avoid clicking on links or downloading attachments from suspicious emails that claim to be updates from Equifax.
- Equifax will send paper mail to consumers whose credit card numbers or dispute documents with personally identifying information were impacted.
- Especially if you typically use similar passwords and security questions on multiple accounts. Once hackers have access to ID and password information for one system, they routinely try the same combination against multiple other platforms to see which ones work, an easily automated process.
Make your password a sentence: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.
Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer. You can alternatively use a service like a password manager to keep track of your passwords.
Enable Two-Factor Authentication
- Two-factor authentication keeps criminals from resetting passwords since it sends a text message or calls the customer's phone with a code as a second verification step. The code which must be typed in before the account can be opened.
Check All Online Accounts
- Reviewing all online accounts for suspicious activity. This includes bank, wealth accounts, credit card companies and hotel and airline loyalty programs. Hackers frequently slice and dice information from large data breaches, selling groups of user information for specific companies on the dark web. Even the smallest accounts can be bundled together into a large group to be sold.
If you suspect fraud please contact us at 1-800-678-4105 during normal business hours or for after hours call Shazam (for Debit Cards) at 1-866-508-2693.