Posted On January 25, 2023 Consumer Privacy & Data Breaches
January 25, 2023 – Bank of Eastern Oregon (“BEO”) filed a notice of a data breach with the Montana Attorney General on January 20, 2023 after company email accounts were accessed by an unauthorized third party. According to the filing, sensitive consumer information was accessed, but we don’t yet know the type of information accessed. After confirming the leak, BEO sent data breach notification letters to all affected individuals.
If you received a notification letter from BEO, we at Console & Associates, P.C. advise that you contact our data breach lawyers to better prepare yourself for what’s to come. We are offering free consultations to better help you figure out your next steps, learn what you can do to protect yourself, and see if you can pursue a data breach lawsuit against Bank of Eastern Oregon for financial compensation. If you recently received a NOTICE OF DATA BREACH from COMPANY, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Bank of Eastern Oregon is a financial institution providing services such as checking and savings accounts, home mortgages, agricultural and commercial loans, and other related services. Originally founded in 1945 and based in Heppner, Oregon, BEO now has 24 branches throughout Oregon and eastern Washington, employs over 75 people, and generates approximately $31 million in revenue annually.
According to Bank of Eastern Oregon’s filing with the Attorney General of Montana’s office, the company discovered that there had been unusual activity regarding company email accounts on September 15, 2022. The bank immediately secured its network and began working with a third-party cybersecurity firm to investigate the breach.
The investigation was concluded on January 11, 2023. After reviewing the files and confirming the leak, BEO discovered that sensitive information had been compromised. The bank has not yet released the type of information that was leaked.
On January 20, 2023, Bank of Eastern Oregon sent notification letters to all individuals affected by the data breach.
Though we don’t yet know what kind of information was leaked in the breach, you don’t want to wait long before taking steps to secure your information. There is a possibility that your information may already be in the hands of criminals looking to commit identity theft or fraud.
Below is a list of precautionary steps that you can take right now. This list is not comprehensive, and if your financial information is exposed in the data breach, you may wish to take additional steps.
It is always a good idea to monitor your accounts closely. Monitor your financial accounts and credit profile for any suspicious activity and report it immediately if detected.
Even if your financial information was not compromised, you should take the time to secure all of your online accounts. Change the passwords to all of your accounts. Sometimes a hacker doesn’t have all of the information they need to commit fraud or identity theft, so they look for your information in other accounts. If multi-authorization security is available, use it.
Credit freezes and fraud alerts are free services offered by the major credit bureaus. A credit freeze prevents anyone from checking your credit without your authorization. A fraud alert is like a red flag to other companies. It will inform any company that is checking your credit that your information has been compromised, and you may be the victim of identity theft or fraud.
Bank of Eastern Oregon is offering all victims of the breach 12 months of free credit monitoring. Credit monitoring services typically cost anywhere from $20-$40 a month, so you should take advantage of the offer for this service free of charge. Taking Bank of Eastern Oregon up on its offer for free credit monitoring does not disqualify you from pursuing a data breach lawsuit against the company.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Bank of Eastern Oregon data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
We are notifying you of a recent data security incident that may have involved your personal information. Bank of Eastern Oregon (“BEO”) takes the privacy and security of all personal information within its possession very seriously. That is why we are informing you of this incident, providing you with steps you can take to protect your personal information, and offering you the opportunity to enroll in complimentary credit monitoring and identity protection services.
What Happened? On September 15, 2022, BEO discovered unusual activity in certain employee email accounts.
We immediately took steps to investigate the activity and secure the accounts. We also engaged a leading cybersecurity firm to assist with the investigation to determine whether any personal information may have been affected. The investigation found evidence of unauthorized access to two (2) accounts between September 8, 2022 and September 14, 2022. We then worked diligently to identify individuals whose personal information may have been present in the accounts. We also worked to identify current address information for all potentially impacted individuals. We completed that process on January 11, 2023. We currently have no reason to believe that your personal information has been misused. Nonetheless, we are writing to inform you about the incident and to share steps you can take to protect your personal information.
What Information Was Involved? The information involved may have included your name and your [Redacted].
What We Are Doing. In addition to the steps described above, we implemented additional security measures to further protect our email environment and minimize the likelihood of future incidents.
Also, to help protect your identity, we are offering you the ability to enroll in Experian’s® IdentityWorksSM for 12 months, at no cost to you. This product provides you with superior identity detection and resolution in the event of identity theft. To activate your membership and start monitoring your personal information please follow the steps below:
Ensure that you enroll by: April 30, 2023 (Your code will not work after this date.)
Visit the Experian IdentityWorks website to enroll: [Redacted]
Provide your activation code: [Redacted]
What You Can Do: We recommend that you review the guidance included with this letter about how to protect your information. If you have questions, need assistance with identity restoration or would like an alternative to enrolling in Experian IdentityWorks online, please contact Experian’s customer care team at (833) 420-2875 by April 30, 2023. Be prepared to provide engagement number B083836 as proof of eligibility for the identity restoration services by Experian.
For more information. If you have questions or need assistance, please contact our dedicated call center for more information at (833) 420-2875, from 8 a.m. – 10 p.m. CST, Monday through Friday, and 10 a.m. – 7 p.m. CST, Saturday and Sunday (excluding major U.S. holidays).
We sincerely apologize for this incident and regret any inconvenience it may cause you.