Visa and MasterCard recently notified Luso Federal Credit Union that unauthorized access to your payment card data may have compromised your debit/credit card. This potential security breach was a result of a purchase made at a retail merchant between April 11 and September 7, 2014, and did not take place at one of our branches or within our systems.
Luso Federal Credit Union is committed to your account security. As a result of this potential security breach, we have initiated the process to issue you a new card. Please activate your new card as soon as you receive it, as your current card will be deactivated as the new card is issued.
We encourage you to monitor your accounts for any unauthorized activity through our online banking site or mobile banking application, as an added layer of protection. If you suspect unauthorized activity on your account, contact us immediately so we can investigate the activity.
Also, remember that you have the right to place a security alert on your credit report at any time by contacting the major credit bureaus.
For more information on ways to protect your credit report, or for a copy of your current credit report, contact one of the following:
Equifax - 800.525.6285 - www.equifax.com
Experian - 800.397.3742 - www.experian.com
TransUnion - 800.680.7289 - www.transunion.com
Home Depot has confirmed that a data breach occurred on their payment data systems in their stores in the United States and Canada that dates back to April 2014.
If you shopped at the Home Depot store from this date on, your debit or credit card information might have been compromised.
If you used a Luso Federal Credit Union credit or debit card and you feel your card might have been compromised in this breach, please contact us and we will reissue you a new card at no cost to you.
Luso Federal Credit Union is serious about protecting our member accounts and confidential information.
What is the Heartbleed Bug?
Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and e-mails.
The Heartbleed Bug is a defect in encryption technology- called Open SSL - used by most Web servers to secure users' personal or financial information..
It is behind many "https" sites that collect personal or financial information.
Basically, it provides a secure connection when you are conducting a transaction or sending an e-mail online. Experts discovered the bug recently and warned that cyber criminals could exploit it to access visitors' personal data or to impersonate a website and collect even more information.
Am I affected?
Most active users of the Internet have likely been exposed, since a majority of websites-including Facebook, Yahoo, Google, retail and even government sites-use the Open SSL software. But it is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches.
Most sites with an address beginning with "https" are vulnerable until the website operator fixes the bug and users change their passwords.
Is my bank account safe?
Yes, members are always protected from any unauthorized transactions.
Let us know immediately if you suspect any unusual activity.
The National Credit Union Administration has warned consumers to beware of a new telephone fraud, known as a "vishing" scheme, that is using the agency's name in an attempt to obtain personal financial information. Click here for information.
While this compromise was not a result of a security breach at Luso Federal Credit Union, we would like to communicate with you some steps to take during this time that could help prevent fraudulent transactions.
- Although Luso Federal Credit Union has fraud monitoring services in place, you should monitor your account closely and call us immediately with any unauthorized transactions.
- If you use our free "LUSO" Anywhere Online Banking service, you can monitor your accounts from anywhere and at any time or monitor your accounts through your iPhone to inquire on balances and history.
- You may choose to deactivate your current debit card and request a new one. If you come into our branch during banking hours, will we issue you a new debit card immediately through our Instant Debit Card service. You will be required to select a new PIN number for your new card. If you can not come in to our branch, a new card and new PIN can be mailed to you. This process will take a few days through the mail.
- If we receive notification that your debit card may have been compromised, we will block the existing card number and reissue you a new card and PIN. You would have to update any reoccurring charges you have authorized with the old card number.
- Cases of identity theft can also be reported to law enforcement or the Federal Trade Commission at 1-877-382-4357.
"Your credit union debit card has a pending alert. Call now (various numbers used) and follow the instructions to resolve this alert."
If you receive a text or e-mail stating this message or any message similar to the above do NOT call the number or give out any of your information.
Phishing is an electronic way of attempting to acquire sensitive information by pretending to be a trustworthy source. This Credit Union will never ask our members to provide confidential account information via text or e-mail. Visit the Federal Trade Commission at www.ftc.gov
It has come to our attention, that emails originating from firstname.lastname@example.org and email@example.com with a subject of "Merchant Statement" as the carrier of a .docx (Microsoft Word) attachment that may contain malicious code.
The attachment currently takes the format "Statement ID 1111-111-111-1111.docx" (numbers may vary). Please block the contents through your anti-virus software , delete and do not open these emails/attachments. Thank you.