This might also fit in MiM for mom's job. Very recently, the accounting system at her work was hacked. She works at a religious education community for a local college.
The other night, she gets a voicemail on her cell phone from Voldemart asking about a large purchase She's never set foot in Voldemart and there isn't even one nearby. What little info she was able to glean was that the order was made using her name and phone number, different email and mailing address (but same state). I wish the rep could have given us all the information, but she wanted the credit card that was used which mom didn't have as she didn't place the order! Said order was put on hold, luckily. We should have recorded that call for our own records if nothing else.
Following this, there were multiple random purchase attempts on everyone's "company" credit card before someone had the revelation to stop trying to dispute things and simply shut it down, but not before concerns arose that whoever got into the payroll system has everyone's info (SSN, etc).
The office "manager" seemed quite unconcerned about the hack and the fact that someone had mom's cell number...she pawned it off as "gee maybe [boss] had to give contact information for anyone who had a card here." Mom never got any direct communications from the bank, just Voldemart. Communications from the bank were secondhand through the payroll manager (one of the few people there with a brain).
State law requires any organization that holds consumers' personal information (this may also apply to payroll/accounting departments) must immediately report a data breach to the state AG's office. There was a milder occurrence of this last summer, and again nobody seemed particularly concerned and it was not reported to anyone.
Now she's concerned that her personal cards are at risk, and by extension my information as we have a joint bank account for the household. My debit card was already ganked over Thanksgiving.
I told her to put a fraud alert on her name immediately (and look into a credit freeze, she may not need a police report) and she's going to report it independently to the AG and police as she is now directly involved via the Voldemart order. We still don't know which card was used, but it had to be one that had her cell phone for a contact number and IIRC she did not have to give that to the bank that her work uses so that stands to reason that it was one of her personal cards. I'm going to re-up the fraud alert I had and file my taxes as soon as I possibly can just in case.
I suspect that this is all tied to the Equifax breach; while there's no way to prove anything, it just seems to make sense.
We did NOT need this right now
The other night, she gets a voicemail on her cell phone from Voldemart asking about a large purchase She's never set foot in Voldemart and there isn't even one nearby. What little info she was able to glean was that the order was made using her name and phone number, different email and mailing address (but same state). I wish the rep could have given us all the information, but she wanted the credit card that was used which mom didn't have as she didn't place the order! Said order was put on hold, luckily. We should have recorded that call for our own records if nothing else.
Following this, there were multiple random purchase attempts on everyone's "company" credit card before someone had the revelation to stop trying to dispute things and simply shut it down, but not before concerns arose that whoever got into the payroll system has everyone's info (SSN, etc).
The office "manager" seemed quite unconcerned about the hack and the fact that someone had mom's cell number...she pawned it off as "gee maybe [boss] had to give contact information for anyone who had a card here." Mom never got any direct communications from the bank, just Voldemart. Communications from the bank were secondhand through the payroll manager (one of the few people there with a brain).
State law requires any organization that holds consumers' personal information (this may also apply to payroll/accounting departments) must immediately report a data breach to the state AG's office. There was a milder occurrence of this last summer, and again nobody seemed particularly concerned and it was not reported to anyone.
Now she's concerned that her personal cards are at risk, and by extension my information as we have a joint bank account for the household. My debit card was already ganked over Thanksgiving.
I told her to put a fraud alert on her name immediately (and look into a credit freeze, she may not need a police report) and she's going to report it independently to the AG and police as she is now directly involved via the Voldemart order. We still don't know which card was used, but it had to be one that had her cell phone for a contact number and IIRC she did not have to give that to the bank that her work uses so that stands to reason that it was one of her personal cards. I'm going to re-up the fraud alert I had and file my taxes as soon as I possibly can just in case.
I suspect that this is all tied to the Equifax breach; while there's no way to prove anything, it just seems to make sense.
We did NOT need this right now
Comment