Frequently Asked Questions
I’ve been hearing about the Equifax breach in the news. What happened?
Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.
Was my information stolen?
If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: https://www.equifaxsecurity2017.com/. Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public Wi-Fi) when you submit sensitive data over the internet.
How can I protect myself?
- Enroll in Equifax’s services. Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at https://www.equifaxsecurity2017.com/.
- Monitor your credit reports. In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at annualcreditreport.com. You are entitled to one free report from each of the credit bureaus once per year.
- Monitor your bank accounts. We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.
- Watch out for scams related to the breach. Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.
Should I place a credit freeze on my files?
Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus. A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account.
How do I contact the three major credit bureaus to place a freeze on my files?
Equifax: Call 800-349-9960 or visit its website.
Experian: Call 888-397-3742 or visit its website.
TransUnion: Call 888-909-8872 or visit its website.
Where can I get more information about the Equifax breach?
You can learn more directly from Equifax at https://www.equifaxsecurity2017.com/. You can also learn more by visiting the Federal Trade Commission’s web page on the breach at https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. To learn more about how to protect yourself after a breach, visit https://www.identitytheft.gov/Info-Lost-or-Stolen.
What is it?
WannaCry is a form of malicious software (malware) known as ransomware. Like other ransomware, WannaCry encrypts (i.e., locks up) data files on computers and demands the victim pay a ransom to receive the decryption key (to unlock the data) from the attackers. Without the decryption key, the files will remain inaccessible.
How does one become infected?
Typically, the infection method has been via a spear phishing attack (i.e., an email that appears to come from a trusted source but is actually spoofed/faked and contains malware). The ransomware is now spreading via several methods including self-propagation to vulnerable machines on external and internal networks.
What should you do as a preventive measure?
To protect your network from WannaCry ransomware you should verify that the Microsoft security patch for Microsoft Security Bulletin MS17-010, which fixes a vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) server, is applied to all internal and external machines. A patch for this vulnerability was released on March 14, 2017, so if your patch management program is sound, your network should be protected.
- Enable strong spam filters to prevent phishing e-mails and authenticate in-bound e-mail.
- Scan all incoming and outgoing e-mails to detect threats.
- Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.
- Manage the use of privileged accounts.
- Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.
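To put the first item above into practice, the following PowerShell script (an added example, not from the original page or from Microsoft) reports, for each host you name, whether a listed MS17-010 update is installed and whether the SMBv1 server is still enabled. It assumes PowerShell remoting is enabled to the targets, that the account running it is a local administrator there, and that `$Ms17010Kbs` is filled in with the KB article IDs the bulletin lists for your Windows versions (the placeholder value below is deliberately not a real KB number).

```powershell
# Added example: verify MS17-010 patch status and SMBv1 state across hosts.
# Assumptions: WinRM remoting enabled, admin rights on each target, and
# $Ms17010Kbs populated from the MS17-010 bulletin for each OS version you run.
param(
    [string[]]$ComputerName = @('localhost'),
    # PLACEHOLDER: replace with the KB IDs from MS17-010 for your OS versions,
    # e.g. @('KB<number>', 'KB<number>'). Later cumulative updates supersede
    # the March 2017 KBs, so include those IDs too for hosts patched afterwards.
    [string[]]$Ms17010Kbs = @('KB-PLACEHOLDER')
)

foreach ($computer in $ComputerName) {
    try {
        # Get-HotFix lists installed updates; HotFixID is of the form "KBnnnnnnn".
        $hotfixes = Get-HotFix -ComputerName $computer -ErrorAction Stop
        $patched  = @($hotfixes | Where-Object { $Ms17010Kbs -contains $_.HotFixID }).Count -gt 0

        # Read the SMBv1 server setting remotely. Get-SmbServerConfiguration
        # exists on Windows 8.1 / Server 2012 R2 and later; older hosts will
        # land in the catch block and be reported as needing manual review.
        $smb1 = Invoke-Command -ComputerName $computer -ErrorAction Stop -ScriptBlock {
            (Get-SmbServerConfiguration).EnableSMB1Protocol
        }

        [pscustomobject]@{
            Computer     = $computer
            MS17010Patch = if ($patched) { 'Installed' } else { 'MISSING' }
            SMBv1Enabled = $smb1
            # Patch status is the control the bulletin calls for; SMBv1 state is
            # reported separately so you can see where the service is exposed at all.
            Status       = if ($patched) { 'OK' } else { 'PATCH MISSING' }
        }
    }
    catch {
        # Unreachable hosts or hosts without the SMB cmdlets need a manual check.
        [pscustomobject]@{
            Computer     = $computer
            MS17010Patch = 'Unknown'
            SMBv1Enabled = 'Unknown'
            Status       = "Review manually: $($_.Exception.Message)"
        }
    }
}
```

Run it as `.\Check-Ms17010.ps1 -ComputerName (Get-Content hosts.txt) -Ms17010Kbs @('KB...')` and treat every row that is not `OK` as a host to patch or inspect by hand; Get-HotFix only reflects updates recorded by the Windows installer, so a host updated by other means may need confirmation through your patch management console.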
What should you do if you’re hit?
If you have become infected with WannaCry, you should immediately notify your tech support/incident response team so they can assess and contain the infection, verify all systems on the network are patched, and recover the affected files from the most recent, hopefully uninfected, backup. Contact law enforcement. We strongly encourage you to contact a local FBI field office upon discovery to report an intrusion and request assistance.
What are my options if infected?
There are four options:
- Ideally, one restores from an uninfected backup, as noted above.
- Contact a qualified IT team to assist you with review of your system(s).
- Lose your data.
- Pay the ransom. While not the preferred option, this will depend on your individual situation, the assessment of what data could be lost, and will be your call to make.
Going forward, how should we protect our organization from such attacks?
Ask the following seven questions of your tech support/incident response team:
- Do we have an adequate patch management program that covers both Microsoft patches as well as third-party patches (e.g., Adobe, Java) AND deploys these patches shortly after they are released?
- Have we completed a true Cybersecurity Risk Assessment (not just the FFIEC CAT, which is a maturity model, not a true risk assessment) to know what threats are present and how we are mitigating such risk?
- Does our current IT audit program include cybersecurity testing from a qualified and independent firm?
- Does such cybersecurity testing include penetration testing, internal and external vulnerability scanning, social engineering testing, backup verification, patch management testing, and other applicable procedures designed to assess our susceptibility to such attacks?
- Do we have 24/7 security monitoring of our network so that malicious traffic emanating from inside our network is detected?
- Have we included an incident such as this as a scenario in our Business Continuity and Incident Response tabletop testing?
- Are we providing adequate training and testing throughout our organization, from the front line to the board room?
- Ensure anti-virus software is up-to-date.
- Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Back-up copies of sensitive data should not be readily accessible from local networks and should be stored with a secure site or provider.
- Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.
- Only download software, especially free software, from sites you know and trust.
- Enable automated patches for your operating system and Web browser.
For more information check out the U.S. Government interagency technical guidance document at this link.
Lastly, here is a link to a Microsoft resource with more technical information on this threat.
- Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
- Convince you to visit legitimate websites (like www.ammyy.com) to download software that will allow them to take control of your computer remotely and adjust settings to leave your computer vulnerable.
- Request credit card information so they can bill you for phony services.
- Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.
Farmers Bank is aware of a recent scam targeting Nonprofit Organizations. This scam involves a person reaching out via email to a representative of a targeted organization. The scammer inquires about giving a large donation and where he or she can send it. The Nonprofit then responds with the standard message of whom to make the check out to and other information about their cause. The Nonprofit then receives a check for more than the amount stated and is contacted back by the scammer stating that they or their accountant have overpaid the targeted Nonprofit Organization.
Victim organizations in this scam have returned a portion of the funds to the suspect and then discovered the check is counterfeit, leaving the victim organization with the monetary loss. Farmers Bank recommends that all nonprofit organizations exercise caution when receiving large donations, where the donation is contingent on some type of action. These actions may include returning portions of the funds from over-payment of the donation.