Equifax Breach

On September 7th, the national consumer credit reporting agency Equifax announced it was the victim of a cybersecurity attack.

On September 7th, the national consumer credit reporting agency Equifax announced it was the victim of a cybersecurity attack that was reportedly carried out from mid-May to July of this year. An estimated 143 million U.S. consumers were likely affected by this attack. 

Equifax has disclosed that this attack affected information that included, but may not have been limited to, consumer names, Social Security Numbers, birth dates, addresses, and driver's license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with other personal identifying information for approximately 182,000 U.S. consumers, were also accessed.

Does Citadel work with Equifax? 


Like all U.S. financial institutions, Citadel reports consumer credit information to all three credit reporting agencies that include Equifax, TransUnion, and Experian. At this time, Equifax has not provided information that would enable Citadel to determine if any specific Citadel customer has been impacted, but Citadel encourages customers to take the appropriate steps to check their credit and account information regularly.

How can I protect myself?

Customers may wish to consider the following actions:

  1. Visit the dedicated Equifax website: Equifax has established www.equifaxsecurity2017.com to help consumers determine if their information has been potentially impacted. The website also provides additional steps consumers can take to protect their personal information.

  2. Consider purchasing ID Theft services: Consider signing up for credit file monitoring and identity theft protection through a trusted party. Learn More about how to protect yourself against Identify Theft. 

  3. Look out for suspicious emails:  Avoid clicking links or downloading attachments from suspicious emails that claim to be updates from Equifax or connected to the breach. Equifax has taken steps to notify consumers, who will receive a written notice in the mail directly from Equifax if they were impacted. Fraudsters have already established a number of bogus websites that use a variation of the www.equifaxsecurity2017.com spelling to lure unsuspecting consumers into divulging additional personal information.

  4. Sign up for fraud alerts: Consider signing up for fraud alerts at all three credit reporting agencies: Equifax, Experian and TransUnion.

  5. Freeze your credit: You can set up security freezes at Equifax, Experian, and TransUnion to ensure your credit files are only available to companies with which you currently have a relationship. Freezing your credit prevents identity thieves from applying for loans or credit cards with your credit information. When the time comes for you to apply for new credit, you can temporarily unlock each frozen credit file.

  6. Change your passwords: Passwords can be compromised during security attacks. To be safe, consider changing your passwords on all accounts and avoid repeating the same password for different logins. Citadel recommends making passwords as unique and complex as possible.

What is Citadel doing to protect me?


Citadel takes information security very seriously and we strive to ensure confidential information in our possession is protected from unauthorized access and/or use.  We are constantly evaluating the strength of our existing control and security environments to protect this information.  The credit union maintains a number of external relationships to ensure we are aware of current and emerging threats to data security as well as enlisting the services of industry experts to assist us with strengthening our defenses.  

Citadel will be offering a robust ID Theft product during the next few weeks that will help you monitor your credit records as well as help remediate situations where your identity is stolen.

What types of alerts or security does Citadel offer?


Customers can sign up to receive card fraud alerts through Citadel’s Online & Mobile Banking. To do this, log in to your online banking account, and select ‘Services’ on the left hand side.  Choose ‘Card Fraud Alerts’ from the drop down and simply follow the prompts. To complete the process you will need your mobile phone number and the credit or debit card number for which you wish to receive alerts.

Citadel also offers account alerts through Online & Mobile Banking.  We will be enhancing the current account eAlerts over the next few months.

Should I get a new card number or close my credit card or account?

Unless you have experienced fraud on your card or account, there is no need to close anything. 

If fraud occurs on your Citadel card or bank account, you are not financially responsible. You can initiate a ‘Fraud Report’ with Citadel, and we will begin the process of researching the fraud and restoring your account. 

If you have any additional questions about the Equifax security breach, please call us at (800) 666-0191.