Officials unsure if it’s related to data breach
Two days after Vancouver Public Schools revealed a major security breach of 3,000 employees’ personal and banking information, a school district employee received a suspicious voice mail claiming to be a “fraud alert.” The message, found on Wednesday, purported to come from Chase Bank. It advised the woman to call a toll-free number for important information about her debit card.
When her husband called, a crude recording asked him to type in their 16-digit card number.
School officials on Thursday said it wasn’t known whether the message was related to the security breach, and they sent out an e-mail warning employees to be wary of scam pitches that might exploit identity theft fears.
The school employee who received the message doesn’t have a debit card with Chase, said her husband, who asked that their names not be published because of now-enhanced fears of being victimized by identity thieves.
Among the information breached were employees’ Social Security and direct-deposit payroll banking numbers.
The Columbian called the toll-free number the couple provided from the message, 800-533-0962, and heard a scratchy recording with no hint of the corporate style and professionalism of a major bank.
“Before calling Chase, please enter your 16-digits card number, followed by the pound sign,” a woman’s recorded voice says. After a long pause, she repeats the message.
The couple, who are Vancouver residents, did not enter their card number as requested.
Because of the timing, they suspect it has something to do with the school district’s security breach, although the message didn’t mention anything about schools.
“To me it seems awfully suspicious,” her husband said. “We’ve never got a call like that.”
Although it might be coincidental, he said, “I think it’s directly related to the breach.”
His wife works for the school district, but she’s not a teacher and her name isn’t one that’s in the public eye, he said.
On Thursday evening, school officials commented about the message the woman reported.
“We have no idea if that’s related to the security breach or not,” said Kris Sork, spokeswoman for the school district. “It could be just due to the media publicity.”
She said the case remains under investigation by police and she’d heard of no results from the probe.
Thomas Hagley, the district’s executive director of community and government relations, said he was aware of no such reports from school employees, but said police have warned of such things.
“The Vancouver Police Department detective who is working on this case advised us that, when this data breach kind of incident happens, it attracts other criminal behavior,” Hagley said.
“People who are watching for opportunities to take advantage of the folks who might be affected by the security breach, and who may start to attempt to collect information in various ways,” Hagley added.
For those familiar with scams and identity theft, any unsolicited phone or e-mail request for someone’s credit card number is considered a scam. And all the more so in this case because it supposedly came from their bank, which already has their account numbers.
Before the security breach, the man and wife were aware of the identity theft problem and had taken preventative measures such as shredding documents that contain personal and financial information.
As advised after the security breach, they have contacted the major credit bureaus and had their accounts flagged for possible fraudulent transactions.
“We put a good deal of effort into protecting our identities,” the husband said.
Identity theft experts have said that computer hackers and other crooks who manage to obtain personal and financial information often sell the lists to others who may try to use it. Trading in such illegal data can be done on a global scale.
