;
equifax-breach-top-banner

Managing your personal finances in today’s climate can be an effort at times. The recent Equifax security breach is just one example of the new types of challenges that our members increasingly face in today’s financial services environment. 

As your financial institution, CFE is committed to helping you meet these challenges head on.  We hope the following information is helpful for you.  

Frequently Asked Questions


What is the Equifax Security Breach? 

From mid-May through July 2017, computer hackers gained accessed to over 143 million individuals’ personal information by hacking the credit bureau Equifax’s computer systems. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people was also compromised. This security breach constitutes the largest security breach in American history and affects over 1/3 of the American population.

 

How did the Equifax Security Breach happen? 

The hackers gained access to Equifax’s computer systems via an unpatched U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638.

 

What should I do to determine if my personal information has been compromised?  

Equifax has set up a website where you can determine if your personal information may have been compromised. Visit Equifax’s website, equifaxsecurity2017.com, and follow the instructions provided to determine if your personal information may have been compromised. You may also enroll in one free year of credit report monitoring from Equifax when visiting the site listed above.

 

What should I do to protect my identity moving forward?

If you believe your personal information has been compromised, there are preventative steps you can take to mitigate the chances of fraudsters successfully committing identity fraud using your personal information. 

  • Check your credit reports: Check credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files: A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely: Monitor your accounts for charges you don’t recognize.
  • Consider placing a fraud alert on your files: If you decide against a credit freeze, a fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early: File your taxes as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.
  • Speak to a financial coach for free: CFE has partnered with Balance Financial. You may contact Balance and speak to a certified expert that can help you resolve any issues related to identity theft, or help review your credit report for suspicious activity. 
Does CFE offer any services or products related to identity fraud?

CFE partners with BALANCE, a nonprofit organization dedicated to consumer financial health. As a CFE member, you can use BALANCE to navigate this situation and take actionable steps to protect yourself if you believe you have been impacted by this data breach. BALANCE offers a variety of resources that can minimize the fallout from data breaches, especially if you find yourself a victim of identity theft. To learn more, visit balancepro.org.

 

What do fraud alerts and credit freezes do? 

With a fraud alert, businesses must try to verify your identity before extending new credit. Usually that means calling to check if you’re at a particular store attempting to take out new credit. With a credit freeze, no one – including you – can access your credit report to open new accounts. You’ll get a PIN number to use each time you want to freeze and unfreeze your account to apply for new credit.

 

How long do fraud alerts and credit freezes last? 

A fraud alert lasts for 90 days. You can renew it but you’ll need to remind yourself or it will expire automatically. Identity theft victims are entitled to an extended fraud alert, which last seven years. In almost all states, a credit freeze lasts until you temporarily lift or permanently remove it. In a few states, it expires after seven years. 

 

How much do they cost?

Fraud alerts are free. Credit freezes may involve fees, based on state law. In most states, they’re free for identity theft victims. For non-victims, they cost about $5 to $10 each time you freeze or unfreeze your account with each credit reporting agency. 

 

How do I place a fraud alert or credit freeze?

To place a fraud alert, contact any one of the three major credit reporting agencies, either by phone or online. The one you contact is required to notify the other two. If you’re an identity theft victim placing an extended fraud alert, you’ll also need to mail or upload your Identity Theft Report which you can create at IdentityTheft.gov. To place a credit freeze, you must contact each of the three credit reporting agencies individually at their credit freeze portals.

 

How is CFE related to this security breach? 

CFE is not related or responsible for this security breach in any manner. However, as a financial institution committed to its members’ financial well-being, we work with our members to ensure they are doing everything they can to avoid identity fraud.