Fraud Info

Solicitation Scams

HAPO is not soliciting members from the following number 1-800-483-8314. If you call, they say: Thank you for calling GTO's for advanced prepaid.

HAPO does not partner with this company and we believe that it is a prison prepaid fund.

HAPO would never make an outbound call and solicit your account number.

To learn how to better protect your account, please feel free to reach out to a HAPO Representative at 509-943-5676.

Hackers may have stolen credit data from Home Depot

It is unconfirmed at this time whether any HAPO cardholders were affected.

Home Depot may be the latest retailer to have suffered a massive credit card breach, the company confirmed on Tuesday, after a website reported that a large cache of stolen data had appeared on black market sites.

According to information first reported by Krebs on Security, the breach may have extended as far back as the spring of this year. If so, the fallout may end up being far larger than Target's incident late last year, when information pertaining to tens of millions of customers was compromised.

Home Depot is working with investigators to determine the origin of "unusual activity," a spokeswoman told CNBC in a statement.

"Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers," she added, but declined to provide further information.

Amid a rash of identity thefts that have laid claim to banks and retailers in recent months, Krebs on Security reported that the breach bore similar hallmarks to groups that hit P.F. Chang's, as well as Target and others.

Full Story: http://www.cnbc.com/id/101964168

The UPS Store Security Update

NO LOCAL STORES WERE AFFECTED.

The UPS Store, Inc. recently received a government bulletin regarding a broad-based malware intrusion targeting retailers in the United States. The UPS Store takes seriously its responsibility to protect customer information and immediately launched an internal review, implemented system enhancements and engaged an IT security firm.

An assessment by The UPS Store and the IT security firm revealed the presence of this malware on computer systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States. Based on the current assessment, the earliest evidence of the presence of this malware at any location is January 20, 2014. For most The UPS Store locations, based on our current assessment, the period of exposure to this malware began after March 26, 2014. This malware was eliminated as of August 11, 2014 and customers can shop securely at The UPS Store.

We apologize for any inconvenience and impact this incident may have had on our customers. The UPS Store is offering identity protection and credit monitoring services to impacted customers. In order to take advantage of this service, please visit https://theupsstore.allclearid.com. In addition, customers are encouraged to closely monitor their card account activity and take other steps to help protect themselves outlined in the customer letter below. The UPS Store representatives are available at 1-855-731-6016 for additional assistance.

The impacted center locations, along with the timeframe for potential exposure to this malware at each location, follows this statement.

For complete details visit: http://www.theupsstore.com/security/Pages/default.aspx

Debit and Credit Card Security Breach

What is a breach?

A merchant security breach occurs when cardholder information is not adequately protected by a merchant or their partners while processing electronic transactions. Security breach notifications are provided by VISA U.S.A. They do not include details regarding each incident so exact circumstances of each event are not provided when they occur.

How might this affect you?

HAPO received a notification recently of a breach at a local merchant. At this time we have not experienced any fraud happening on our member’s accounts, however, we will continue to diligently monitor this breach and will release information as we receive it.

Your account security is important to us:

HAPO Community Credit Union's data systems including our website at hapo.org and our online banking were not compromised. This situation was in no way related to the security of our systems.

The security of your account is our priority. Should you see unusual or unauthorized activity on your account and you are concerned that your card may have been compromised please contact us at 509-943-5676 or 800-284-4276. We are ready to assist you.

Your peace of mind is important to us. If necessary, we will replace your card instantly at any of our locations.

Please note as your financial institution we are unable to predict security breaches.

What can I do to keep my account secure?

- Pay close attention to all billing statements from any credit provider or financial institution to verify charges or unauthorized activity on your accounts. Immediately notify lenders of transactions that appear suspicious. Report unauthorized debit transactions to HAPO at 509-943-5676

- Promptly report any suspected identity theft to us at 509-943-5676.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Albertsons Card Breach

BOISE, Idaho, Aug. 15, 2014 -- /PRNewswire/ -- AB Acquisition LLC, which operates Albertsons stores under Albertson's LLC and ACME Markets, Jewel-Osco, and Shaw's and Star Markets under New Albertson's, Inc., recently learned of an unlawful intrusion to obtain credit and debit card payment information in some of its stores. The appropriate federal law enforcement authorities have been notified, and AB Acquisition is working closely with its third party IT services provider, SUPERVALU, to better understand the nature and scope of the incident. Third-party data forensics experts are supporting an ongoing investigation. AB Acquisition has not determined that any cardholder data was in fact stolen, and currently it has no evidence of any misuse of any such data.

AB Acquisition believes that the intrusion has been contained and is confident that its customers can safely use their credit and debit cards in its stores.

Based on the latest information from the ongoing investigation, it appears that the period of unauthorized access may have started on June 22, 2014 (at the earliest) and ended on July 17, 2014 (at the latest).

HAPO’s Role in Your Card’s Security:

HAPO takes the security of your accounts seriously. To help protect against fraudulent charges, we do employ fraud detection services that monitor your credit and debit card transactions for suspicious activities. If any suspicious transactions are identified, you will be contacted to verify their validity. Rest assured that you are protected by VISA’s Zero Liability policy.

Recommended steps to protect your card’s security:

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Read more here: http://www.sacbee.com/2014/08/14/6630366/ab-acquisition-llc-confirms-incident.html

P.F. Chang's Security Compromise Update

Statement from Rick Federico

CEO of P.F. Chang's

June 12, 2014

Scottsdale, Ariz. (June 12, 2014) — On Tuesday, June 10, P.F. Chang's learned of a security compromise that involves credit and debit card data reportedly stolen from some of our restaurants. Immediately, we initiated an investigation with the United States Secret Service and a team of third-party forensics experts to understand the nature and scope of the incident, and while the investigation is still ongoing, we have concluded that data has been compromised.

At P.F. Chang's, the safety and security of our guests' payment information is a top priority. Therefore, we have moved to a manual credit card imprinting system for all P.F. Chang's China Bistro branded restaurants located in the continental United States. This ensures our guests can still use their credit and debit cards safely in our restaurants as our investigation continues.

We have also established a dedicated public website, pfchangs.com/security, for guests to receive updates and answers to their questions.

Because we are still in the preliminary stages of our investigation, we encourage our guests to be vigilant about checking their credit card and bank statements. Any suspected fraudulent activity should be immediately reported to their card company.

We sincerely regret the inconvenience and concern this may cause for our guests.

HAPO’s Role in Your Card’s Security:

HAPO takes the security of your accounts seriously. To help protect against fraudulent charges, we do employ fraud detection services that monitor your credit and debit card transactions for suspicious activities. If any suspicious transactions are identified, you will be contacted to verify their validity. Rest assured that you are protected by VISA’s Zero Liability policy.

HAPO has reached out to P.F. Changs and we have been assured by their management that our members will not have any issues with their un-embossed (flat) VISA cards. P.F. Changs also indicated that they will need to have a photo copy of the card for their proof, should you choose to dine there.

Should you have any questions or concerns, please reach out to us, or contact P.F. Changs directly on their website: https://www.pfchangs.com/security/

Recommended steps to protect your card’s security:

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Heartbleed

OpenSSL Vulnerability

If you have seen the news lately you may have read about the Heartbleed internet security flaw that can impact secure sites. As a HAPO member, you will be pleased to know that our website and our online banking sites were not affected by this.

At HAPO the security of your information is always our highest priority.

Target Confirms Unauthorized Access to Card Data

Target has confirmed that debit and credit cards used at their stores between November 27th and December 15th may have been compromised. You can read their official news release here: https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca

We have received information from VISA advising us of the card numbers that are potentially at risk due to the Target breach. We have worked with both our credit and debit card processors to coordinate a reissue of those cards. Replacement debit cards mailed out on January 6 and replacement credit cards are scheduled to mail out in the week of January 13. If you receive a new card, you should activate it immediately. When your new card has been activated, we will deactivate your old card.

HAPO’s role in your card’s security:

- If your card is among those at risk, rest assured that you are protected by VISA’s Zero Liability policy.

- HAPO takes the security of your accounts seriously. To help protect against fraudulent charges, we do employ fraud detection services that monitor your credit and debit card transactions for suspicious activities. If any suspicious transactions are identified, you will be contacted to verify their validity.

Recommended steps to protect your card’s security:

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Target issued a warning to customers in December of phishing attempts that may be related to the breach. You can read their warning here: http://bit.ly/1cFxY5o

We recommend that you also review information on our website at https://www.hapo.org/phishing.html to see how you can help protect yourself from being a victim of phishing. If you are ever in doubt about an e-mail communication you receive we always recommend that you call the company to verify its legitimacy.

Yokes Issues a Warning to Customers: Debit/Credit Card Data Compromised

All Yokes stores in the Southeastern part of Washington are urging customers to pay with cash or checks.

According to URM, the payment processing system which Yokes uses, hundreds of debit and credit cards have been compromised in the last few weeks. URM has shut down their current system to replace it with a more secure one.

URM issued a statement saying if you suspect your credit or debit card may have been compromised you should immediately contact the bank that issued the card.

Please be watchful of your HAPO account(s) and report any suspicious activity. The estimated exposure window is from September 1, 2013 to November 11, 2013.

URM created a dedicated call center for customers who have questions about what happened and want to know what steps they can take to protect themselves. That number is 877-237-7408.

They will also post information on their website www.urmstores.com.

Reference: http://www.kvewtv.com