Bank ‘victimized’ by illegal server access

Amy Poppinga

Amy Poppinga

A security breach at a local bank left the information of some customers, including SDSU students and faculty, compromised.

According to a letter sent out to affected customers, a third party gained unauthorized access to one of First Bank and Trust’s database servers, the third party may have accessed such information about customers as their names, addresses, social security numbers, birth dates, their card numbers and their bank account numbers.

Although the breach is still under investigation, there is no evidence that these pieces of information were actually stolen or used, and the information of customers who did not receive a letter was not accessed.

Reaction about the breach was varied on campus.

“I don’t blame First Bank and Trust; they do everything they can to keep information secure,” said Matthew Cecil, an associate professor of journalism and mass communication. “The people I’m mad at are the criminals who are hacking into systems and stealing information.

“Not only were the customers [of First Bank and Trust] victimized, but the bank itself was victimized, too,” he said.

Jodi Melius, a junior Spanish major, was not really upset about the breach, but the incident opened her eyes.

“It makes you realize that things like this can happen even in a small town,” she said. “Even though they’re not certain any problems will come out of this, it’s important for people to be aware of their credit.”

Dave Waligoske, the executive vice president of Fishback Financial Corporation, agreed with Melius. Even though college students may not have a lot of assets right now, the students should still take the breach and credit responsibilities in general seriously, because whoever holds these students’ information could still cause harm, he said.

For example, that third party could open a credit card and potentially ruin that customer’s credit. At least the money in a person’s bank account is federally protected, but there is no telling what an “unscrupulous” person could do with someone’s credit, said Cecil.

To avoid a situation like that, Waligoske recommended following some of the security precautions outlined in the letter.

First, the affected customers are encouraged to carefully review their banking and credit card accounts for the next 24 months. If customers have a debit or credit card through First Bank and Trust, they can request a new card and card number.

Another security measure would be for these customers to place a fraud alert on their credit bureau files. This alert tells creditors that they must contact the customer before opening new accounts or modifying current information about existing accounts.

There are three major credit bureaus: Equifax, Experian and TransUnion, but customers only need to contact one of these agencies to place a fraud alert. That agency will contact the other credit bureaus to place a fraud alert, and the chosen agency will send the customer a free credit report.

The contact information for the credit bureaus is:

? Equifax: 1-800-525-6285 or www.equifax.com.

? Experian: 1-888-EXPERIAN (397-3742) or www.experian.com

? TransUnion: 1-800-680-7289 or www.transunion.com

“My best advice is to follow the advice in the letter and put the fraud alert on your account,” said Cecil.

In addition to the fraud alert, the bank recommends that the affected customers check their credit reports periodically. Anyone can obtain one free credit report from each of the credit reporting agencies each year, which is a total of three reports every 12 months. That information can be accessed at www.annualcreditreport.com.

Waligoske said that checking credit bureaus is anyone’s “first line of defense” against identity theft.

“Monitoring credit bureaus are the best way for students or the public to see activity on their credit history and to report it,” he said.

The Federal Trade Commission (FTC) has also published information about deterring identity theft on their Web site: www.ftc.gov/idtheft. If anyone discovers that he or she is a victim of identity theft, that person should contact the FTC at 1-877-ID-THEFT (1-877-438-4338) or at their Web site.