Both my dad and my MIL received a letter from BNY Mellon stating that they lost personal information off the back of a truck. They’re offering 24 months of credit protection services (gee…thanks, cocksuckers!!).
I was investigating the situation because I found it odd that my dad and my MIL both received the letter, with the same date. The actual incident happened way back in February.
I guess 4.5 million people are affected by this blunder. I found a blog http://breachblog.com/2008/03/27/bny.aspx?pg=14&view=linear#Comment and a lot of people are saying it’s a scam. The Texas Atty General’s office said (according to one blogger) that it’s both legit AND a scam.
Anyone else get The Letter and did you sign up for the free credit protection?
I tend to think it’s legitimate, but I’d hate to hand the bad guys the keys to the parental units’ vault. Any opinions/experience with this clusterfuck?
Yes, I got one on Friday (maybe Thursday?). I read it, for the life of me cannot think of anything I have with BNY Mellon, and have filed it on my “to do” stack on my desk.
I got one this week. I suspect the original situation is legit but that some scammer has immediately started sending out fake letters as well.
The way brokerages & the securties industry works inside, you may well have had your data handled by Mellon even though you never dealt with them directly.
If you bought shares of XYZ company and XYZ uses Mellon as their repositiory, you’d end up in Mellon’s systems. Or if the brokerage you deal with uses Mellon behind the scenes, you’d end up in Mellon’s systems. Or if the brokerage the prior owner of your shares dealt with uses Mellon …
Or if any of your 401k or IRA suppliers uses Mellon or trades with people who do …
The reason you don’t know why you’d have anything to do with them is most likely because your company hired them to manage some aspect of your employee plan administration. You would never know this unless you were an HR decision maker (I think). Was yours dated August 27th, 2008? The blog I linked to began months ago. I think they’re unable to process the enormous number of letters they need to send in a timely manner.
I got a letter. Mine’s dated Sept. 15. It appears to be legitimate. I’m planning to sign up, but now I’ll wait a few days to see what others say here. My main concern is that if I sign up, I’ll get automatically renewed when the 24 month free period ends.
If you look at that blog site I posted, people said they had some trouble getting to the “free” stuff and shared your concerns. I think one person mentioned being offered a report for $40.
Why don’t these companies who fuck up like this simply sign up all the people for the credit monitoring? I mean, they HAVE most of the information you’d supply anyway, right?
"Customers potentially impacted by the Feb. 27 incident have received or soon will receive letters notifying them of that fact, said Sommer. The process is expected to be completed by mid-June.
BNY Mellon “has been interacting extensively with the attorney general in Connecticut, and the enhancement of new fraud protection measures we outlined today are in part a result of that ongoing cooperation,” Sommer said.
“The security breach was massive, and we appreciate the company’s cooperation and recognition for the need for the safeguards they are providing,” Blumenthal said of BNY Mellon.
The company said it will provide free credit monitoring for two years and identity-theft insurance worth as much as $25,000 to affected individuals in both incidents. That’s an increase from one year of credit monitoring and $10,000 of insurance, Sommer said. "
BNY Mellon addresses the incident(s) on their site:
“We are providing comprehensive fraud protection assistance to individuals whose personal information may have been included on these back-up data storage tapes. This includes two years of free credit monitoring, $25,000 worth of identity theft insurance, reimbursement for the cost of one placement and one removal of a credit freeze for each of the three national credit reporting bureaus, and dedicated hotlines to respond to any consumer questions and assist with any concerns that these individuals might have.”
You have to enroll on the BNY Mellon site, and use the activation code in the letter you received. The enrollment link is on that page.
In their defense, “lost off the back of a truck” is usually code for “our contracted off-site storage company lost the box.” :smack: I know of at least two companies who’ve had that happen to them. Many of us are not set up to handle courier-ing and vaulting our backup tapes offsite ourselves, and contract that out, but it’s still the company who gets stuck with paying for the credit-monitoring, etc. Sometimes you can pass that cost back to the courier/offsite storage company–it depends–but the black-eye gets pasted on the company whose data was lost, even more than the company who actually lost the data.
Look up the contact info yourself (not using any phone numbers from the letter) and call and ask them. I got a letter from Countrywide Mortgage a few weeks ago saying basically the same thing, that our info was potentially stolen, and we were getting 2 years of free credit monitoring. We called Countrywide by looking up their website ourselves and getting the phone number, and the customer service person told us it was a real letter and what was going on.