Posted On May 7, 2023 Consumer Privacy & Data Breaches
May 7 – After discovering that a hacker had compromised their online membership application system on May 3, 2023, Veridian Credit Union notified the Attorney General of Maine of the data breach. According to the company’s report, the breach exposed consumers’ names, dates of birth, residences, loan information, account numbers at other financial institutions, and Social Security numbers. Veridian started sending letters to everyone affected by the data breach as soon as it became clear that customer data had been compromised.
You should know exactly what is at stake if you receive a data breach notice. On behalf of anyone whose personal data was compromised in the Veridian data breach, data breach lawyers of Console & Associates, P.C. are actively researching the incident. As part of this inquiry, we are offering free consultations to anyone who may have been affected by the breach and is concerned about the potential consequences of identity theft, the steps they can take to mitigate those risks, and the potential avenues of recourse they may have for seeking restitution from Veridian Credit Union.
Established in 1934 in Waterloo, Iowa as John Deere Employees Credit Union, the current Veridian Credit Union presently has over 30 branch sites throughout the states of Nebraska and Iowa and provides digital banking services to customers all over the United States. Anyone who resides in, or is employed by, the states of Nebraska or Iowa, or who has a member of Veridian in their immediate family, is eligible for membership. More than 833 individuals are employed at Veridian Credit Union, and the organization pulls in over $187 million each year.
In a recent complaint with the Attorney General of Maine, Veridian said that it had discovered that hackers had been using the company’s online membership registration process to fraudulently acquire credit reports of consumers. To create a credit report in the victim’s name, it seems that hackers would enter data they had received from other sources. When the credit report was run, it exposed new details about the victim.
When Veridian Credit Union learned that critical member information had fallen into the wrong hands, it immediately initiated a thorough investigation of the compromised files to ascertain what data had been exposed and who had been affected. Your name, date of birth, address, loan information, account numbers at other financial institutions, and maybe even your Social Security number may have been compromised.
All customers whose personal information was compromised as a consequence of the incident were notified via letter dated May 3, 2023, from Veridian Credit Union.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Veridian Credit Union data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
We are writing to let you know about a data security incident that involves potential unauthorized access to your personal information. While we understand you are not a current member of Veridian Credit Union (“Veridian”), your personal information may have been compromised due to an attack on Veridian’s online membership application process. This letter explains what happened and what you can do to help protect your personal information.
WHAT HAPPENED? An unauthorized party recently attacked Veridian’s online membership application system by beginning an application using information about you they already possessed. By using such information, the unauthorized party was able to potentially obtain additional information about you by generating a credit report in the system and possibly accessing the content. The bulk of the attacks on the system occurred between April 1-2 of this year.
WHAT INFORMATION WAS INVOLVED? The data accessed may have included personal information from a credit report such as your name, address, social security number, date of birth and account/loan numbers at other financial institutions along with certain loan information like term and loan balance.
WHAT WE ARE DOING Veridian values your privacy and deeply regrets that this incident occurred. Upon becoming aware of this incident, Veridian immediately conducted a thorough review of the affected application system and took action to prevent a recurrence of such an attack and to protect the privacy of all affected individuals. Veridian is also working with the credit bureau who provided the credit report noted above and is contacting law enforcement to address the incident. In addition, we are offering identity theft protection services through IDX, A ZeroFox Company, the data breach and recovery services expert. IDX identity protection services include: [Redacted] of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed id theft recovery services. With this protection, IDX will help you resolve issues if your identity is compromised.
WHAT YOU CAN DO We encourage you to contact IDX with any questions and to enroll in the free identity protection services by calling 1-888- 566-0215 or going to [Redacted] and using the Enrollment Code provided above. IDX representatives are available Monday through Friday from 9 am – 9 pm Eastern Time. Please note the deadline to enroll is August 3, 2023.
At this time, there is no evidence that your information has been misused. However, we encourage you to take full advantage of this service offering. IDX representatives have been fully versed on the incident and can answer questions or concerns you may have regarding protection of your personal information.
FOR MORE INFORMATION You will find detailed instructions for enrollment on the enclosed document (Steps You Can Take to Further Protect Your Information) along with other steps you can take to protect your information. Also, you will need to reference the enrollment code at the top of this letter when calling or enrolling online, so please do not discard this letter. Please call 1-888-566-0215 or go to [Redacted] for assistance or for any additional questions you may have. We understand this notice is very concerning and apologize that this incident has occurred. We welcome your questions as we work together to protect your personal information.