NWR - credit breach

hellosweetie1015 · April 2015

So I got a letter from my university today saying that they'd had a data breach, and that my info was among the data available. They're providing me with two years of fraud protection through Experian, etc. I go in and try to sign up for the fraud protection. It asks me a couple of security questions - did you live in any of these places, did you own any of these cars. I chose my appropriate answers, and it told me that they couldn't verify I am who I say I am.

So, okay. I call the number it said to call to try and straighten it out, and they ask a few questions. One of them is regarding a mortgage I may have taken out in 2012. I don't have a mortgage, and I tell them so. Then THEY couldn't verify I am who I say I am. Obviously, now I'm freaking out. I went to pull my credit reports since it was time for me to pull them this year anyway, and the TransUnion and Equifax look completely normal, no unexpected mortgages or cards or anything - all either one of them is showing is my student loan debt. But - AGAIN - Experian asks questions that do not apply to me and never have, and cannot verify that I am who I say I am, and won't give me my report.

Basically what I need is for you guys just to tell me that everything is completely normal and I have two normal credit reports and clearly it's just that Experian is having a case of the Mondays. Because my stomach is one big knot now, and I'm kind of feeling sick to my stomach.

luckya23 · April 2015

A mortgage from 2012 would for sure be on all 3 by now.

theartistformerlyknownas · April 2015

It's common for them to ask questions that have nothing to do with you or where the answer is "no" or "none of the above." Sounds like Experian's random question generator is defaulting to too many questions that don't give specific enough answers to identify you though. This could be because you don't have very much debt... mine will have me verify the range into which my car payment falls and in what year did I take out a personal loan, etc. If you don't have those things to verify you could be confusing the computer.

hellosweetie1015 · April 2015

luckya23 said:
A mortgage from 2012 would for sure be on all 3 by now.

Especially one that isn't being paid, right? I mean, I'm sure as shit not paying any mortgage right now.

lolo883 said:
It's common for them to ask questions that have nothing to do with you or where the answer is "no" or "none of the above." Sounds like Experian's random question generator is defaulting to too many questions that don't give specific enough answers to identify you though. This could be because you don't have very much debt... mine will have me verify the range into which my car payment falls and in what year did I take out a personal loan, etc. If you don't have those things to verify you could be confusing the computer.

It's asking about places I lived, and cars I've owned/leased. I don't have car payments or credit cards or any debt outside of student loans, so maybe that's what's throwing it?

It did ask me about a car I'd owned before, and included my dad's truck's make and model on it (but no models I'd ever owned), but I'm not on that title or any of the debt on it or anything. So I honestly think that was dumb luck.

southernbelle0915 · April 2015

Do you have a common name? I wonder if your university gave the right SSN to Experian.

So let me back up.... when a company contracts Experian to offer credit monitoring service, Experian needs a list of affected people and their SSNs. Then they assign an activation code to each person. That activation code is usually given to you in the letter where they tell you "we fucked up, sorry about that."

So I'm wondering if you have another Jane Smith's activation code? Because a mortgage from 2012 would for sure be on a current credit report.

novella1186 · April 2015

luckya23 said:
A mortgage from 2012 would for sure be on all 3 by now.

Agree with this. I've had weird small things only show up on one report (like that I had $30 owed to some random medical company in collections, so I had to email the credit bureau to have it removed because it was some kind of weird mistake) but my major debts, like car loan, student loans, etc definitely have always been on all three credit reports.

I've also had that stupid annoying thing happen where it couldn't verify who I am based on the questions. It was nothing, just stupid questions with stupid answers that weren't helpful to their security or to my access.

Deep breath! It will be ok.

hellosweetie1015 · April 2015

Do you have a common name? I wonder if your university gave the right SSN to Experian.

So let me back up.... when a company contracts Experian to offer credit monitoring service, Experian needs a list of affected people and their SSNs. Then they assign an activation code to each person. That activation code is usually given to you in the letter where they tell you "we fucked up, sorry about that."

So I'm wondering if you have another Jane Smith's activation code? Because a mortgage from 2012 would for sure be on a current credit report.

My name is a pretty common name for my birth year, but it's not spelled in a common way. My spelling hasn't been in the top 1000 ever, as far back as record keeping goes, and (according to howmanyofme.com, which may not be an actual reliable website) there are only two people with my first and last name in the US. So ... maybe? But not really likely.

ETA: I am feeling a little bit better now. I don't have a lot of credit, and it's not in great shape, so I freaked out a weeeeeee little bit. (Okay. A lot.)

maeday2 · April 2015

I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

theartistformerlyknownas · April 2015

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

Ohhhh snap.

hellosweetie1015 · April 2015

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?

novella1186 · April 2015

hellosweetie1015 said:

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?

That actually happens. Our company was breached about a month ago and a lot of our data was stolen, including employee's personal data. We were offered the credit protection and whatnot. But I got an e-mail about it with a link to click on to take me to the free credit monitoring sign-up page. I didn't click only because I was busy at the moment.

I then got an e-mail from HR saying that the e-mail with the link was another virus-- maybe from the same hackers-- and that we shouldn't click on it. It looked legit, it seemed accurate, it had all the right info and the right sender, but it was a scam.

I think a similar e-mail was sent out when the Target data theft happened during Christmas.

ETA: Here's one I actually fell for. My mom had some documents I needed so she said she would scan them and send them to me. A week later I get an e-mail -- sent from my mom-- that said "here's a document for you" with a link to google docs, which I use all the time. I clicked the link, it took me to a normal-looking google screen, and asked me to sign into my account. That seemed fishy because I was already singed into gmail. But I fell for it. I put in my password, clicked, and nothing happened. It was a fake screen, and I had essentially given my password to hackers.

I then get an e-mail from the real gmail security team saying that someone was trying to access my account from an unknown computer and unfamiliar location, and I had to verify that this was not me, and then change my password. SO GLAD that gmail has that extra security step. And I felt so stupid for falling for it.

maeday2 · April 2015

hellosweetie1015 said:

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?

Auburn, right?

I thought it was super odd and I just got in from a short trip out of town so I didn't put much thought into it.

My mailing came from the enrollment services office. You may want to give them a call to verify the breach.

hellosweetie1015 · April 2015

WAIT WAIT WAIT.

Do I need to be finding out if this letter is even legit, then?! I mean, it came to the PO box...

Jesus H. Christ why can't it be easy any more? If FI weren't here, I'd go live in the 1800s.

Dreamergirl8812 · April 2015

That was my concern when you said you called them and gave them all sorts of info. Have you googled the phone number they gave you?

[Deleted User] · April 2015

hellosweetie1015 said:

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?

Yikes that is weird. But, OP, I did just have someone use my credit card (luckily they were just testing it, only spent $11 and my bank shut it down immediately). BUT when I called to fully close my card and get a new one, they asked me a few questions about my current credit. 1. Do you have any student loans? 2. Do you have a mortgage? 3. Do you have a car loan? I just answered "No" to all of them and they were able to verify that it was me. I think it is a security measure, because if someone stole your info and was pretending to be you, they might be tricked into thinking that you had those things which is why the company was asking, and then the thief would guess/lie and get caught. I don't know if that is true, but that is kinda what I guessed. If you're trying to get in online to no avail, and you want to know for sure, try calling and speaking to a real person...just prepare to do something while you wait on hold! But good luck. It probably is nothing and they just sent that letter to cover their butts.

hellosweetie1015 · April 2015

maeday2 said:

hellosweetie1015 said:

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?
Auburn, right?

I thought it was super odd and I just got in from a short trip out of town so I didn't put much thought into it.

My mailing came from the enrollment services office. You may want to give them a call to verify the breach.

The good thing is that I know the breach happened; that's confirmed from several reliable sources. I am going to be PISSED if I fell for a scam trying to be responsible about it though.

@dreamergirl8812 the numbers are all coming up legit, thankfully. I didn't google them before I called though, because I knew about the breach and was honestly expecting to get a letter from them.

I just want to bang my head on all the walls.

hellosweetie1015 · April 2015

abcdevonn said:

hellosweetie1015 said:

maeday2 said:
I got the same letter and I have never considered, applied, or attended that university. It makes me question the validity of it, in general.

WAT.

Really?
Yikes that is weird. But, OP, I did just have someone use my credit card (luckily they were just testing it, only spent $11 and my bank shut it down immediately). BUT when I called to fully close my card and get a new one, they asked me a few questions about my current credit. 1. Do you have any student loans? 2. Do you have a mortgage? 3. Do you have a car loan? I just answered "No" to all of them and they were able to verify that it was me. I think it is a security measure, because if someone stole your info and was pretending to be you, they might be tricked into thinking that you had those things which is why the company was asking, and then the thief would guess/lie and get caught. I don't know if that is true, but that is kinda what I guessed. If you're trying to get in online to no avail, and you want to know for sure, try calling and speaking to a real person...just prepare to do something while you wait on hold! But good luck. It probably is nothing and they just sent that letter to cover their butts.

The thing is, I know there was a breach - it was on AU's official Facebook page over the weekend. So... yeah. And the mortgage question came from a real person, so I have spoken to a real person and they couldn't verify my ID either.

And... the phone number for the Office of Enrollment Services, where my (and maeday's, apparently) letter came from, is - of course - busy, because everyone who got one of these letters today is now calling them.

tpwkalyn · April 2015

Look what I found!

http://www.al.com/news/index.ssf/2015/04/auburn_confirms_students_who_d.html#incart_related_stories

hellosweetie1015 · April 2015

@khugs16 Yeah, I saw that earlier. Thinking about it in a calmer place, the fact that non-applicants had some level of info leaked and thus got letters shouldn't surprise me - my sister is getting stuff from Auburn and she isn't even considering them. She hasn't gotten a letter about this from them, though, and I suspect AU doesn't have anything other than her name.

I'm a former student though - an alum - and so is FI, so they've got potentially both of our socials and everything. That's my big issue - both of us could have info floating around out there. And Auburn (or the people Auburn has contracted with to field the flood of freaked out people) couldn't tell me anything about anything.

NWR - credit breach

Re: NWR - credit breach

Choose Another Board

Search Boards