This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.



Similar documents
HOME DEPOT DATA BREACH

The Home Depot Provides Update on Breach Investigation

Letter from the CEO. January 25, To Our Valued Michaels Customers:

How to Get Rid of Identity Theft

Important Customer Notice. Information Concerning Data Security Incident at Some Staples Stores

Substitute Notice for Village Pizza

How To Protect Yourself From Identity Theft

We are writing to you because of a recent security incident which may have resulted in unauthorized access of your personal information.

As a precaution, we have arranged with AllClear ID to provide identity protection services to affected clients at no cost for a period of one year.

The Home Depot 2455 Paces Ferry Road Atlanta, GA 30339

NOTICE OF DATA BREACH. As an integral part of our dōterra family, we understand how important data security is to you.

WHAT INFORMATION WAS INVOLVED?

Importance: From: Anthem, Inc. Communications Sent: Thursday, February 26, :40 PM Subject: Important message from Anthem, Inc.

May 11, Re: Notice of a Data Breach. Dear

How To Prevent Identity Theft

UNTOI~ b& ~1\1IL.I1[A?v1S TEL 2I2309~ 1000

April 30, 2015 VIA . Attorney General Joseph Foster Office of the Attorney General NH Department of Justice 33 Capitol Street Concord, NH 03301

In the first week of November, E-conolight was made aware by its website hosting company of a malware attack

May 11, Re: Data Security Breach at Honig s Whistle Stop

IDENTITY THEFT VICTIMS: IMMEDIATE STEPS

<DATE> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRTST NAME> <LAST NAME>:

Background of the Incident

Activate ProtectMyID Now in Three Easy Steps. If you have questions or need an alternative to enrolling online, please call

July 17, Office of the Attorney General Attn: Security Breach Notification 200 St. Paul Place Baltimore, MD 21202

June 10, 2015 VIA

Joint Plumbing Industry Board Plumbers Local Union No.1 Trust Funds

Tax Fraud and Identity Theft Frequently Asked Questions [Updated February 10, 2015] 4. WHAT CAN I DO TO PROTECT MYSELF FROM TAX FRAUD IN THE FUTURE?

Identity Theft Repair Kit

Guide to Identity Theft

ARE YOU A VICTIM OF AN IDENTITY CRIME?

SECURITY BREACH INCIDENT RESPONSE AND CONSUMER NOTIFICATION PLAN TABLE OF CONTENTS PROGRAM OVERVIEW... DEFINITIONS... REPORTING A SECURITY BREACH...

INTRODUCTION. Identity Theft Crime Victim Assistance Kit

Reclaiming your identity

Identity Theft Victim Checklist

Identity Theft Victim s Packet

SPOKANE Police Department Identity Theft Victim Packet

Identity Theft Repair Kit


PENN STATE UNIVERSITY SENSITIVE DATA EXPOSURE INCIDENT KIT Created and Maintained by the Privacy Office

FTC Facts. For Consumers Federal Trade Commission. Maybe you never opened that account, but. Identity Crisis... What to Do If Your Identity is Stolen

SECURITY FREEZE INFORMATION

Instructions for Completing the ID Theft Affidavit

Chapter 6 Appendix A

Instructions for Completing the ID Theft Affidavit

Identity Theft Assistance: Information for Recovering Your Good Name

Dear Concerned Consumer,

FORMER CMSP AND PATH2HEALTH MEMBERS YOU MAY BE AFFECTED BY ANTHEM DATA BREACH

Citi Identity Theft Solutions

Protecting Yourself from Identity Theft

Office of Privacy Protection Safeguarding Information for Your Future

Remedying the Effects of Identity Theft

What should I do if I become a victim of identity theft?

Protecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud

CITY OF ROCHESTER, MINNESOTA POLICE DEPARTMENT

March 2, 2015 Page 2. If you have any questions or need further information regarding this incident, please do not hesitate to contact me.

IdentityTheft HOW IDENTITY THEFT HAPPENS PROTECTING YOURSELF RECOVERING FROM IDENTITY THEFT

SECURITY FREEZE INFORMATION

T E X A S Y O U N G L A W Y E R S A S S O C I A T I O N A N D S T A T E B A R O F T E X A S I D E N T I T Y T H E F T G U I D E

SECURITY FREEZE INFORMATION

SECURITY FREEZE INFORMATION

Northern Trust Attachment A

Identity Theft Victim Checklist

SECURITY FREEZE INFORMATION

How To Protect Yourself From Identity Theft

Information to Protect Our Customers From Identity Theft

IDENTITY THEFT. A. What Do I Do First? Take the following steps as soon as you discover you have been a victim of identity theft.

SECURITY FREEZE INFORMATION Any consumer in Wisconsin may place a security freeze on his or her credit report by requesting it in writing.

Data Security Breach Notice Letter

Identity Theft Packet

IDENTITY. theft. Identity theft can happen. to anyone. Previously, criminals stole your wallet. for your cash. Now they. want your wallet to

HIPAA Breach UPDATED 9/21/15

SECURITY FREEZE INFORMATION Any consumer in Illinois may place a security freeze on his or her credit report by requesting one in writing by

What is Identity Theft?

Instructions for Completing

Identity Theft Victim Packet

SECURITY FREEZE INFORMATION

SECURITY FREEZE INFORMATION

This document if provided for educational and informational purposes and is not intended to provide, nor does it constitute legal advice.

Instructions for Completing the ID Theft Affidavit

How to Freeze Your Credit Files

IDENTITY THEFT INFORMATIONAL PACKET

How to Deal With Identity Theft

Identity Theft Victim Checklist

What will a new creditor who requests my file see if it is frozen? A creditor will see a message or a code indicating the file is frozen.

Milford Police Department

Pasco County Sheriff's Office Economic Crime Unit. Identity Theft Guide

what you need to know

<March XX, 2015> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRST NAME> <LAST NAME>:

Fraud and Identity Theft. Megan Stearns, Credit Counselor

How to Freeze Your Credit Files Tips for Consumers

SECURITY FREEZE INFORMATION FOR KENTUCKY RESIDENTS

Frequently Asked Questions [Updated January 20, 2015]

First Steps for Victims of Identity Theft

identity theft: How To Safeguard Your Privacy and Keep Your Good Name

Corona Police Department

Dear Consumer, What's in this packet: Identity Theft Victim Checklist Identity Theft Victim Worksheet Sample Letters

SECURITY FREEZE INFORMATION Any consumer in Texas may request a security freeze in writing by certified mail to the credit reporting agency.

How to Freeze Your Credit Files

The Attorney General s Office established the Identity Theft Unit in response to increased identity theft incidents reported by Indiana citizens and

Transcription:

RECENT DATA BREACHES This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. Data security is a number one priority at Northwest. We take every precaution to protect our customers and have fraud detection and prevention tools in place at all times. Here are a few things we feel you should know: Please be assured you are not liable for fraudulent, unauthorized credit or debit card purchases. Your Visa credit and debit card transactions are protected by Visa s Zero Liability Guarantee. You don t need to contact us at this time unless you detect unfamiliar transactions. We are actively monitoring all internal and external information regarding Home Depot s data breach and will provide additional information as it becomes available. We ll send you a new debit or credit card if we determine that it is necessary. We recommend: Continue using your Northwest debit and credit card. Please monitor your account and notify us if you see any transactions you don t recognize. Transactions can be monitored online, by using our 24-hour automated Bankline system or by reviewing your monthly statement. If you detect any suspicious transactions, please contact us at 1-877-672-5678 (option #4), Monday through Friday, 7 AM to 8 PM or Saturday, 8 AM to 1 PM. Thank you for your continued trust in our bank. Home Depot logo and name are registered trademarks of Home Depot, Inc.,, Kmart logo and name are registered trademarks of Sears Holds Company, Dairy Queen logo and name are registered trademarks of International Dairy Queen, Inc.

The following notices were posted on the Kmart, Dairy Queen and Home Depot corporate websites. The information details their responsibilities and provides guidelines on how you can help protect the privacy and security of your personal information. To Our Members, Notification from Kmart http://www.kmart.com/en_us/dap/statement1010140.html?adcell=hpnewsrelease I am reaching out to inform our loyal Kmart customers of a recent payment security incident. On Thursday, Oct. 9, 2014 our IT team detected that our Kmart store payment data system had been breached and immediately launched a full investigation working with a leading IT security firm. The security experts report that beginning in early September, the payment data systems at Kmart stores were purposely infected with a new form of malware (similar to a computer virus). This resulted in debit and credit card numbers being compromised. Based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by those criminally responsible. There is also no evidence that kmart.com customers were impacted. This data breach has been contained and the malware has been removed. I sincerely apologize for any inconvenience this may cause our members and customers. It s important to note that the policies of the credit card companies state that customers have zero liability for any unauthorized charges if they report them in a timely manner. The privacy and security of our customers information is of utmost importance to us, and we are committed to doing everything we can to safeguard our customers information in the face of a recent surge of data attacks. To further protect our members and customers who shopped with a credit or debit card in our Kmart stores during the month of September through yesterday (Oct. 9, 2014), Kmart will be offering free credit monitoring protection. Given the criminal nature of this attack, Kmart is working closely with federal law enforcement authorities, our banking partners as well as security experts in this ongoing investigation. I want our customers to be aware of the situation and I suggest that customers carefully review and monitor their credit and debit card account statements. If customers see any sign of suspicious activity, they should immediately contact their card issuer. More guidance is also available on our website, kmart. comand customers can contact our customer care center at888-488-5978. Notification from Dairy Queen http://www.dairyqueen.com/datasecurityincident/ Dear DQ and Orange Julius Customers, International Dairy Queen, Inc. recently learned of a possible malware intrusion that may have affected some payment cards at certain DQ locations and one Orange Julius location in the U.S. Upon

learning of the issue, we launched an extensive investigation and retained external forensic experts to help determine the facts. Because nearly all DQ and Orange Julius locations are independently-owned and operated, we worked closely with affected franchise owners, as well as law enforcement authorities and the payment card brands, to assess the nature and scope of the issue. As a result of our investigation, we discovered evidence that the systems of some DQ locations and one Orange Julius location were infected with the widely-reported Backoff malware that is targeting retailers across the country. The investigation revealed that a third-party vendor s compromised account credentials were used to access systems at those locations. Based on the investigation, we have established the following: The Backoff malware was present on systems at a small percentage of locations in the U.S. The time periods during which the Backoff malware was present on the affected systems vary by location. A list of impacted DQ locations and the one Orange Julius location, as well as the relevant time periods, is available here. The affected systems contained customers names, payment card numbers and expiration dates. We have no evidence that other customer personal information, such as Social Security numbers, PINs or email addresses, were compromised as a result of this malware infection. Based on our investigation, we are confident that this malware has been contained. We deeply regret any inconvenience this incident may cause. Our customers are our top priority and we are committed to working with our franchise owners to address the issue. We are notifying DQ and Orange Julius customers about this incident so they can take steps to help protect their information. You are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies. We encourage you to remain vigilant by reviewing your account statements and monitoring your free credit reports. If you believe your payment card may have been affected, contact your bank or payment card issuer immediately. Additional information and security tips are available here. We are offering free identity repair services for one year to customers in the U.S. who used their payment card at one of the impacted locations during the relevant time period. Information on these services and eligibility can be found here. If you have any questions about this issue, please call us toll-free at 1-855-865-4456, Monday through Saturday from 8 a.m. CT to 8 p.m. CT. We sincerely apologize for any inconvenience this may have caused you. Notification from Home Depot https://homedepot.allclearid.com/ What Happened? On September 8, 2014, we confirmed that our payment data systems have been breached, which could potentially impact customers using payment cards at our U.S. and Canadian stores. There is no evidence that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com.

Additionally, while we continue to determine the full scope, scale and impact of the breach, there is no evidence that debit PIN numbers were compromised. We apologize for the frustration and anxiety this causes our customers and we thank you for your patience and support as we work through this issue. Our investigation is focused on April forward, and we have taken aggressive steps to address the malware and protect customer data. We are offering free identity protection services, including credit monitoring, to any customer who used a payment card at a Home Depot store in 2014, from April on. Customers who wish to take advantage of these services can learn more at www.homedepot.com or by calling 1-800-HOMEDEPOT. The investigation began on Tuesday morning, September 2, immediately after we received reports from our banking partners and law enforcement that criminals may have hacked our payments data systems. Since then, our internal IT security team has been working around the clock with leading IT security firms, our banking partners and the Secret Service to rapidly gather facts and provide information to customers. What data may have been compromised? Payment card information such as name, credit card number, expiration date, cardholder verification value and service code for purchases made at Home Depot stores in 2014, from April on. For clarity, the cardholder verification value that may have been compromised is not the three or four digit value that is printed on the back or front of your card. At this time, we have no reason to believe that checks were impacted. Additionally, while we continue to determine the full scope, scale and impact of the breach, there is no evidence that debit PIN numbers were compromised. What should you do? It is always a good idea to review your payment card statements carefully and call your bank or card issuer if you see any suspicious transactions. The policies of the payment card brands such as Visa, MasterCard, American Express and Discover provide that you have zero liability for any unauthorized charges if you report them in a timely manner. If you find any indication of unauthorized accounts or transactions, you should report the possible threat to your identity to local law enforcement, your State s Attorney General s office, or the Federal Trade Commission. We have provided contact information for some of those entities below as well as certain actions you may take, including obtaining your credit report and placing fraud alerts or credit freezes on your credit file. You should report any unauthorized accounts you see on your credit report to the credit reporting agency from which you obtained the credit report. To assist our customers who may have been affected by the breach, we are offering free identity protection services, including credit repair services, credit monitoring, and an identity theft insurance policy to any customer who used a payment card at a Home Depot store in 2014, from April on. Affected customers may receive 12 months of identity protection services beginning on September 8, 2014, at no cost to the customer. You may obtain registration information by calling 1-800-HOME-DEPOT or visiting www. HomeDepot.com. What additional steps can I take? Order Your Free Credit Report You are entitled under U.S. law to one free credit report annually from each of the three national credit

bureaus, whose contact information is below. To order your free credit report, you can also visit www. annualcreditreport.com, call toll-free at 877-322-8228 or complete the Annual Credit Report Request Form on the U.S. Federal Trade Commission s website at www.ftc.gov and mail it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281. When you receive your credit reports, review them carefully to ensure that the information they contain is accurate. If you see anything on your credit reports or credit card account statements that appears incorrect, contact the credit reporting agencies and/or your credit card provider, and report suspected incidents of identity theft to local law enforcement, the Attorney General, or the FTC (contact information below). Even if you do not find any signs of fraud on your reports or account statements, the FTC suggests that you check your credit reports and account statements periodically, or at least every few months, as identity thieves may not use personal information released in a security incident right away. Some businesses may give victims of security incidents free services; make sure that those offers are legitimate before signing up. Place a Fraud Alert on Your Credit File To protect yourself from possible identity theft, consider placing a fraud alert on your credit file. A fraud alert helps protect you against the possibility of an identity thief opening new credit accounts in your name. When a merchant checks the credit history of someone applying for credit, the merchant gets a notice that the applicant may be a victim of identity theft. The alert notifies the merchant to take steps to verify the identity of the applicant. You can report potential identity theft to all three of the major credit bureaus by calling any one of the toll-free fraud numbers below. You will reach an automated telephone system that allows you to flag your file with a fraud alert at all three bureaus. Equifax P.O. Box 105069 Atlanta, GA 30348-5069 800-525-6285 www.equifax.com Experian P.O. Box 1017 Allen, TX 75013 888-397-3742 www.experian.com TransUnion P.O. Box 2000 Chester, PA 19022-2000 800-680-7289 www.fraud.transunion.com Place a Security Freeze on Your Credit File You may wish to place a security freeze on your credit file. A security freeze generally will prevent creditors from accessing your credit file at the three nationwide credit bureaus without your consent. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services. The credit reporting agencies have three (3) business days after receiving a request to place a security freeze on a consumer s credit report. You can request a security freeze by contacting and placing an order with each of the credit bureaus at: Equifax P.O. Box 105069 Atlanta, GA 30348-5069 800-525-6285 www.equifax.com

Experian P.O. Box 1017 Allen, TX 75013 888-397-3742 www.experian.com TransUnion P.O. Box 2000 Chester, PA 19022-2000 800-680-7289 www.fraud.transunion.com The credit bureaus may charge a reasonable fee to place a security freeze on your credit file. In order to request a security freeze, you will need to provide the following information: 1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.); 2. Social Security Number; 3. Date of birth; 4. If you have moved in the past five (5) years, provide the addresses where you have lived over the prior five (5) years; 5. Proof of current address such as a current utility bill or telephone bill; 6. A legible photocopy of a government issued identification card (state driver s license or ID card, military identification, etc.) 7. If you are a victim of identity theft, include a copy of the police report, investigative report, or complaint to a law enforcement agency concerning identity theft; and 8. If you are not a victim of identity theft, include payment by check, money order, or credit card (Visa, MasterCard, American Express or Discover only). Do not send cash through the mail. Lifting a Credit Freeze To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a written request to the credit reporting agencies by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The credit reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time. To remove the security freeze, you must send a written request to each of the three credit bureaus by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze. The credit bureaus have three (3) business days after receiving your request to remove the security freeze. Helpful Contacts You can learn more about how to protect yourself from becoming a victim of identity theft by contacting the Federal Trade Commission to obtain additional information about how to avoid identity theft, how to

place a fraud alert, and how to place a security freeze on your credit report. Federal Trade Commission, Consumer Response Center 600 Pennsylvania Avenue, NW Washington, DC 20580 1-877-IDTHEFT (438-4338) www.ftc.gov/idtheft For residents of Maryland: You may also obtain information about preventing and avoiding identity theft from the: Maryland Office of the Attorney General, Consumer Protection Division 200 St. Paul Place, Baltimore, MD 21202 1-888-743-0023 www.oag.state.md.us

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information