Note to readers: Redbrand Credit Union does not report to Equifax. However, that does not mean that you won't be affected by this massive breach. Please read through this to learn more about how this could affect you.

September 11, 2017

Equifax Breach
By: Mary Anne Colucci, LSC Director, Fraud & Risk, Illinois Credit Union League

Equifax, one of the major credit reporting agencies, released information on September 7, 2017 that a cybersecurity incident may have potentially impacted approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.

The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents.

Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.

Please see the Equifax website for more details and ways to protect yourself.
https://www.equifaxsecurity2017.com/.

Potential Fraud

Although this is not the largest breach that has ever occurred, it is the largest in respect to the severity of personal information taken. It has been reported that 44% of Americans are affected. At this time, it unknown who was behind the breach, if taken by criminals, the potential for the personal information to be sold and resold on the dark web is a real threat.

Here are some practical tips for individuals whose information may be compromised:

Phishing and Ransomware

Criminals will use an email, telephone messages (vishing) or text messages on cell phones (Short Message Service or SMShing) to trick recipients into disclosing personal and financial data. Some phishing attempts ask e-mail or text recipients to respond with personal information; and others include links to what appear to be familiar Web sites but are really spoofed copies. Once the user clicks on the link to the spoofed site, all future online activity gets funneled through the phisher’s system, giving him or her access to any account numbers and passwords the user enters online. To protect yourself from phishing:

The FBI recommends the following:

Visit //Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.