BNY Mellon Shareowner Services loses backup tape
Technorati Tag: Security Breach
UPDATED on May 7th, 2008 and May 26th, 2008
UPDATE: IMPORTANT NOTICE TO ALL READERS OF THE BREACH BLOG
Date Reported:
3/26/08
Organization:
Science Applications International Corp. (Current and former shareholders of SAIC are reported as victims on May 7th, 2008)
The Bank of New York Mellon Corporation
Contractor/Consultant/Branch:
BNY Mellon Shareowner Services
Archive Systems
Victims:
Clients
Number Affected:
~3,500
~4,500,000
Types of Data:
"personal information including names, Social Security numbers and possibly bank account numbers"
Breach Description:
BNY Mellon Shareowner Services "has notified about 3,500 individuals -- some of them Maryland residents -- that the company lost a box of computer data tapes last month storing personal information including names, Social Security numbers and possibly bank account numbers".
UPDATE:
" On February 27, Bank of New York Mellon gave the unencrypted backup tape containing information on about 4.5 million consumers -- hundreds of thousands of them People’s United Bank customers and investors -- and nine other tapes to a storage firm, Archive Systems, Inc., for transportation to a storage facility. When the storage company vehicle arrived at the storage facility, the tape was missing. The other nine tapes reached the facility safely."
Reference URL:
The Baltimore Sun
San Diego Union-Tribune (UPDATE)
NorwalkPlus.com (5/26/08 UPDATE)
Report Credit:
Liz F. Kay, Baltimore Sun reporter
Response:
From the online source cited above:
A Pittsburgh-based shareholder services firm has notified about 3,500 individuals -- some of them Maryland residents -- that the company lost a box of computer data tapes last month storing personal information including names, Social Security numbers and possibly bank account numbers
BNY Mellon Shareowner Services, which assists clients such as MetLife, sent letters to affected shareholders of such clients offering them 12 months of free credit monitoring and other assistance
[Evan] It's not "free". Somebody pays for it. So with credit monitoring, affected persons would be notified AFTER they become an identity theft victim, IF they become an identity theft victim. The monitoring lasts for 12 months, at which time what happens?
"We have received no indications that there's been any inappropriate use of the data on the tapes,"
The company backs up its computer database every day and sends the tapes to a secure storage facility
On Feb. 27, a courier told them that one box could not be found.
BNY Mellon investigated to determine what kind of information the tapes held and notified its clients.
It then sent a letter to the shareholders.
The company estimates that less than 1 percent of its 35 million clients nationwide have been affected
[Evan] So? Is this statement meant to minimize the impact of this breach, or what?
Connecticut State Attorney General Richard Blumenthal's Comments when notified by BNY that "hundreds of thousands" of his state's residents are affected by this breach:
“This security breach seems highly dangerous, indeed possibly
devastating in light of the identity theft threat. You have also informed this office that BNY began notifying the affected customers six weeks ago and is offering one year of credit monitoring through Equifax. Given this extraordinarily serious security breach, this offer of protection is grossly inadequate. Connecticut agencies that have experienced data security breaches less serious in magnitude or potential damage have offered consumers two years of credit monitoring, $25,000 identity theft insurance and free credit freezes. BNY should do no less.
“I am especially concerned by the delay in informing consumers, possibly heightening the risks of wrongdoing. Neither People’s nor its customers were promptly notified. Even now, many may be in the dark.
“The loss of this tape -- so far unrecovered and unremedied -- is
inexplicable and unacceptable. It must be addressed by protective measures to forestall identity theft immediately.”
Commentary:
Was the information on the tape(s) encrypted? There was no mention, so I assume that it was not. Continuing with this assumption, this means that BNY Mellon Shareowner Services sends unencrypted customer database back-up tapes offsite every day. Does anyone else see an unnecessary risk here? Unnecessary and likely unacceptable.
Now let's assume that the information was encrypted and the keys are managed well. Risk of exposure is minimal. In most states there isn't even a requirement to go through the expense of notification.
5/26/08 UPDATED COMMENTARY:
So now it is known that this breach affects millions of people nationwide including hundreds of thousands in Connecticut alone. This is a serious breach in which it seems like BNY has not been completely open with the public. We also know that Archive Systems lost the the tape in transit. Although Archive Systems lost the tape, BNY should shoulder the blame. There is no excuse for sending backup tapes offsite without proper protection (usually encryption).
Past Breaches:
Unknown
UPDATED on May 7th, 2008 and May 26th, 2008
UPDATE: IMPORTANT NOTICE TO ALL READERS OF THE BREACH BLOG
Date Reported:3/26/08
Organization:
Science Applications International Corp. (Current and former shareholders of SAIC are reported as victims on May 7th, 2008)
The Bank of New York Mellon Corporation
Contractor/Consultant/Branch:
BNY Mellon Shareowner Services
Archive Systems
Victims:
Clients
Number Affected:
~3,500
~4,500,000
Types of Data:
"personal information including names, Social Security numbers and possibly bank account numbers"
Breach Description:
BNY Mellon Shareowner Services "has notified about 3,500 individuals -- some of them Maryland residents -- that the company lost a box of computer data tapes last month storing personal information including names, Social Security numbers and possibly bank account numbers".
UPDATE:
" On February 27, Bank of New York Mellon gave the unencrypted backup tape containing information on about 4.5 million consumers -- hundreds of thousands of them People’s United Bank customers and investors -- and nine other tapes to a storage firm, Archive Systems, Inc., for transportation to a storage facility. When the storage company vehicle arrived at the storage facility, the tape was missing. The other nine tapes reached the facility safely."
Reference URL:
The Baltimore Sun
San Diego Union-Tribune (UPDATE)
NorwalkPlus.com (5/26/08 UPDATE)
Report Credit:
Liz F. Kay, Baltimore Sun reporter
Response:
From the online source cited above:
A Pittsburgh-based shareholder services firm has notified about 3,500 individuals -- some of them Maryland residents -- that the company lost a box of computer data tapes last month storing personal information including names, Social Security numbers and possibly bank account numbers
BNY Mellon Shareowner Services, which assists clients such as MetLife, sent letters to affected shareholders of such clients offering them 12 months of free credit monitoring and other assistance
[Evan] It's not "free". Somebody pays for it. So with credit monitoring, affected persons would be notified AFTER they become an identity theft victim, IF they become an identity theft victim. The monitoring lasts for 12 months, at which time what happens?
"We have received no indications that there's been any inappropriate use of the data on the tapes,"
The company backs up its computer database every day and sends the tapes to a secure storage facility
On Feb. 27, a courier told them that one box could not be found.
BNY Mellon investigated to determine what kind of information the tapes held and notified its clients.
It then sent a letter to the shareholders.
The company estimates that less than 1 percent of its 35 million clients nationwide have been affected
[Evan] So? Is this statement meant to minimize the impact of this breach, or what?
Connecticut State Attorney General Richard Blumenthal's Comments when notified by BNY that "hundreds of thousands" of his state's residents are affected by this breach:
“This security breach seems highly dangerous, indeed possibly
devastating in light of the identity theft threat. You have also informed this office that BNY began notifying the affected customers six weeks ago and is offering one year of credit monitoring through Equifax. Given this extraordinarily serious security breach, this offer of protection is grossly inadequate. Connecticut agencies that have experienced data security breaches less serious in magnitude or potential damage have offered consumers two years of credit monitoring, $25,000 identity theft insurance and free credit freezes. BNY should do no less.
“I am especially concerned by the delay in informing consumers, possibly heightening the risks of wrongdoing. Neither People’s nor its customers were promptly notified. Even now, many may be in the dark.
“The loss of this tape -- so far unrecovered and unremedied -- is
inexplicable and unacceptable. It must be addressed by protective measures to forestall identity theft immediately.”
Commentary:
Was the information on the tape(s) encrypted? There was no mention, so I assume that it was not. Continuing with this assumption, this means that BNY Mellon Shareowner Services sends unencrypted customer database back-up tapes offsite every day. Does anyone else see an unnecessary risk here? Unnecessary and likely unacceptable.
Now let's assume that the information was encrypted and the keys are managed well. Risk of exposure is minimal. In most states there isn't even a requirement to go through the expense of notification.
5/26/08 UPDATED COMMENTARY:
So now it is known that this breach affects millions of people nationwide including hundreds of thousands in Connecticut alone. This is a serious breach in which it seems like BNY has not been completely open with the public. We also know that Archive Systems lost the the tape in transit. Although Archive Systems lost the tape, BNY should shoulder the blame. There is no excuse for sending backup tapes offsite without proper protection (usually encryption).
Past Breaches:
Unknown
Posted by Evan Francen at 3/27/2008 2:54 PM 
Categories: Lost Tape, BNY Mellon Shareowner Services, The Bank of New York Mellon Corporation
Categories: Lost Tape, BNY Mellon Shareowner Services, The Bank of New York Mellon Corporation
Posts Atom 1.0
I received BNY Mellon's notice - I was a former UPS employee and Mellon is the transfer agent for the Employee Stock program. Ironically, I don't have anything in the account, but my records were obviously still being maintained. The offer for 'free' credit monitoring is a load of junk - and seems to be the big fix for these losses. Also, it seems as though UPS has been the 'carrier' for alot of records loss that I have seen over the last few years...no sour grapes, just a fact. The article doesn't mention who the carrier was in this instance...I'm betting UPS...
Reply to this
I posted previously (I don't know if it is up yet) and was looking for correlations between people involved. I missed the one right in front of me! It was you mentioning UPS stock.
I wonder if the lost box contained all past and present UPS shareholders. I am a current UPS employee and shareholder. Like you mentioned, BNY Mellon is the transfer agent for the Employee Stock Ownership program.
Is there anyone else out there that received a breach letter and is a past or present UPS employee that used BNY Mellon as a transfer agent for the Employee Stock program?
Reply to this
I received a "breach" letter and the only stock I have is Disney.
Reply to this
I received a letter also, and my stock is with Diseny. I had never heard of this BNY Mellon so I called Disney to make sure it wasn't a scam, and they were very non-chalant about the whole matter and told me to call the phone # on my letter!
Reply to this
Have you followed the instructions on the letter and filed with Triple Alert?
Reply to this
Yes I have followed the instructions. However, neither the website nor the phone number work.
Reply to this
Legitimate
Recipients are confused because they don’t recall ever doing business with BNY Mellon Shareowner Services. The reason? BNY Mellon Shareholder Services performs services on behalf of other companies. Their clients include issuers of securities, such as publicly held corporations. They also administer employee stock option plans.
http://bbbconsumereducation.com/?p=690
Reply to this
i retired from kodak and received a letter from bny mellon. they handle kodak stock archives for employees and retirees. what a crock this is. the same thing with time warner...lost info. you know what-you don't see the ad for safe ssn's anymore...setup for new acct's.unbelievable....ain't life wonderful?
Reply to this
I posted this as an answer to the first post, but decided to put it here also so some of you can see it earlier in the blog:
I just got my letter from BNY Mellon. I too was concerned it might be phishing. Mellon deals with many different retirement plans in addition to their own products, they handle an old plan of mine. Anyway.. I just signed up on the Triple Alert. I did this after going to the BNY Mellon homepage and checking things out for it being authentic. You can do this yourself by going to the Mellon homepage www.bnymellon.com (type it yourself or google it if you are concerned about possible redirects). Then select the "News and Events" subcatagory "Press Releases". From that page type "tape query" in the search box and search. Then select the "August 28, 2008" release. Then read the release and select the www.bnymellon.com/tapequery link near the bottom of the release. This takes you to a page that allows you to enroll in the credit monitoring.
I was suspicious just like the rest of the people here, but when I did the above, I knew that it was legit. Yes, you have to give social security numbers and maiden name, and answer a couple follow up questions to ensure you are who you say you are. No prob!
I recommend going thru the steps above just to assure yourselves that indeed you are at a legit site, but I have no problem also recommending just typing in "www.bnymellon.com/tapequery" as instructed in the letter.
I'm not worried. Doug
Reply to this
Doug: How can you not be worried at all; whatever you are taking-I'd like some too. When most affected were not even notified 7 months after the fact. What happens after two years of the triple alert protection? Who covers stolen info then? The victim does. After a life time of protecting and building excellent credit, someone w/ my info would easily sit on until then. Your blasé attitude does not reflect the serious nature of this incident-you sound like a "plant" to reassure those affected. Your message of reassurance is most alarming, if those affected do not take serious action, this will only allow & perpetuate this lax security (unencrypted tapes) and the inadequate time lapse of informing victims. The very fact that it has taken them 7 months, in my case, to inform me via mass mailing that they have lost sensitive info and in the interim left me vulnerable to ID theft-is completely inexcusable-it's just bad business. -G. Valle
Reply to this
Doug/Gene: I received my "letter" 9-15-08. After signing up w/my "free" triplealert, one week later received a active collection notice where my SS# had been used to open a landline in March & never paid on it. My credit score is now 750, all 3 agencies have this discretion reported to them (although the collection agency promised they would not contact them since they understood I was victimized by identity theft), and I am spending 10+hrs/wk trying to rectify this $$$$. I am joining the law suit and will personally fund some, the absolute fraud perpetrated on us by BNY is unexcusable. They need to be gone, and I do hope this is what is their ultimate future. I have gone to extreme lengths to make sure all 3 credit agencies understand what BNY did and have contacted the govt. with an open petition to further scrutinize BNY...
Reply to this
Suzy: Really sorry to hear about your ID theft, this is what I'm fearing-although, as I wrote, have yet to hear from anyone, creditors, knocking on my door or calling, but have yet to see my credit report. I'm in NY I am looking for a firm that would be setting up a class action lawsuit for residents/victims in NY state. What state are you in? If you have any leads, ie, attorneys/firms, please let me know. -Gene
Reply to this
Gene/Suze: First Gene, bet you freak out about all of life problems. Of course there are potential problems with this. Suze's problems show this can happen. That is why they offered the fraud resolution services in addition to the triple alert stuff. Hope you are using this Suze... should be able to deal with the problem for you instead of you spending "$$$$". Good thing you signed up when you did.
And no I'm not a "plant", just someone else who was affected. Just wanted to share what I learned with anyone new to this thread (like I was) without the freaking out that I first saw here. The big difference between Gene and I is that I realize life happens and that no matter how much I rant and rave about it... the potential problem is still there. Best deal with it as life comes.
Good wishes to all of you. Sorry you got here like I did, but, after a month of being signed up, the offer still seems valid and I have no problem with signing up for the Triple Alert. I probably won't check back to this thread, so rant on if you want Gene. But be aware that you are only making it harder for others to figure out what is happening by adding to the length of the thread saying the same old stuff.
Reply to this
People: Lets not get personal here, we need to work together. I realize this is a dangerous subject, as my wife has been subjected to Identity Theft. Unfortunately, the laws favor companies over individuals (which just floors me). I'm a bit suspicious about this whole thing, but I hate the fact that I have to supply personal information to an institution who 1. lost it already (if they know they have my information, they should make it easier for us to get protection) and 2. If I sign up for the protection, I'm sure there is a disclaimer saying that you will agree that responsibility ends there for BNY and 3. when I called them, I asked them why they had my information and they couldn't even tell me. I already have protection on my credit. You can get a subscription probably for a 100 bucks or so/year and that route may be the best
Reply to this
Rob, I hope you can answer a couple of questions. What is this all about? I rec'd a check today for $24.46 from BNY Mellon. I gather from reading some of the submissions the gist of what happened but how did I get involved? I hadn't heard about any of this, did not give out any of my info, to my knowledge have had any business relations with the named companies. Can you help and/or give me advise about the future of this check. Thanks!
Reply to this
you work for BNY Mellon don't you?
Reply to this
I recvd a notice also and have already been a victim of id thief, it's no joke.
and a headache, so I'm still leary and investigating. I'm appalled at the inaccuracy of this co. And would think they made enough to have storage on site. It's ----------!
Reply to this
I received a letter from Honda of America Mfg, Inc addressed to me at my address but I have had NO dealing with Honda ever. It refers to a previous letter sent that I have never seen. I think this is a bigger problem then they are saying.
Reply to this
I received also, a breach letter and my small amount of stock is through an Insurance company. I have not yet checked on this. September 15, 2008
Reply to this
I too received a letter today, and I was a UPS employee stock holder. I sold my stock 10 years ago, so I was shocked to see that this data was still stored / used. I could not trace why I got this letter until I saw your post.
Reply to this
I received a letter yesterday. One of the companies I used to work for and owned stock in is SAIC. I sold that stock years ago. I called the phone number on the letter and a person in Manila answered. She told me the tape contained historical information. Now I have to decide if I want to sign up for the Triple Alert. It's unbelievable that the tape was lost in Feb and I didn't get a letter until Sep. My last name starts with a Y so maybe that's it.
Jesse
Reply to this
I just got a letter today. My last name starts with H, so it's apparently not based on your last name. I was also wondering why it took 7 months to notify us of this?
Reply to this
My last name starts with a B and I just got my letter yesterday.
Reply to this
My last name starts with a B and just received my letter today. The last name evidently has no bearing what so ever. I am from kentucky, where are all of you from? I am not a UPS employee or former shareholder and have no affiliation with SAIC, so I am wondering where my info came from. Also my father in law got a letter yesterday, and he is self employed and only deals with a couple of local banks. The only place he deals with that is not local is a couple of credit card companies, so evidentaally the were involved too.
Reply to this
I recieved my letter yesterday and have no idea what this company is. My last name starts with a W. I called the number and got a foreign lady and I asked her what company is working with them that has my information and she said she didn't know because it was on the tapes that were lost. So I told her if this is a back up tape where is the original and she couldn't answer. I think this is a scam and I plan on contacting the postal inspector.
Reply to this
I just got the letter September 15th and my last name starts with the letter C. I've never heard of this company and they don't even mention what company's info was lost. Did it include my bank account #'s if so I should be informed so I can close out those accounts and open new ones. I have a right to know if my accounts are going to be cleaned out!
Reply to this
I too just received a letter and since my last name starts with E, I don't think the first letter of your last name is the reason for the delay in getting the letters out.
Rick
Reply to this
My last name starts with a B, and I received my letter on 9/20/08 also.
Reply to this
my last name starts with D and i just got it today! i am extreamly confused i have o stock and have ever heard of this someone please help me get this!!
Reply to this
I received my letter on this date. I finally placed the Phone call as stated in the letter. And, just like many of you when they asked for SS# I hung up.
I had formally worked at Nationwide Ins. and also it was some time ago. I noted that nobody else had mentioned this company.
Someone on here mentioned a class action suit. You bet that's a great idea. A person works hard to keep their identity and stats safe, then this happens.
I will do as another suggested to call our credit bureaus and Place a fraud alert on my accounts and a credit freeze also on credit reports. The nos. for credit bureaus are:
Equifax - 1.
Experian - 1.
Transunion - 1.
I also think the letter is a little hocky. My feeling is they are sending letters to everyone everywhere that had at any time dealings with Mellon, to cover their A.
Reply to this
why are NY residents not covered by identity theft insurance? anyone know?
Reply to this
I work for Comcast in Colorado and I got a letter as well. Looks like this is wide spred and very bad
Reply to this
Accusing UPS as the carrier that lost this box of tapes without facts to back it up is an extremely reckless act. As you know, there are many other carriers out there as well as storage companies that have their own private fleets handling these type of shipments.
Reply to this
The only company that I worked for that had stock was best buy and home depot. Just so you know I have contacted an attorney's office and I want to see if we can get a class action lawsuit going. If interested then e-mail me at
Reply to this
Just received a letter. Never heard of them. Worried this is a scam and like everyone else, wonder why it took so long to notify me.
Reply to this
Just received a letter from them, go to google, type in bbb ct. and put byn mellon shareowner services in. You will see there address is not the same but everything else is. I think it is a scam. They have complains on them now and can not give a full report as of 9/25/2008. I also do not have any stocks in ups, Disney or any other company mentioned in all the responses. Good luck to all. Brian
Reply to this
I received the letter from BNY Mellon on 9/26/08 and my name ends with B. I'm beginning to think this is a Scam. I'm not a UPS employee and I don't have stock in UPS or Disney.
Reply to this
My letter was dated 9/15/08. I too, cannot believe this has happened. I am with many recipients in the belief that free credit monitoring would only be effective "after the fact". This is inexcusable. I am glad to see that others feel the same way and would like to be included in a class action suit.
Thanks for getting the ball rolling on this.
David Smith
Reply to this
I received my letter 10/1/08. My last name starts with 'G.' I have called them. They apologized profusely but that's not enough. 6 months ago my information was lost/misplaced/stolen ... whatever and I'm just finding out about it now??
Sharon
Reply to this
JC Pennys is my connection with bny mellon and yes I am very interested in a class action suit. Thanks for pursuing!
Reply to this
We are interested in a class action suit. We were notified by letter dated Sept. 15. The lost box(es) were late February. So why weren't we notified promptly? We had to cancel a CitiBank credit card in July because 2 attempts were made to charge over $1000 in purchases and caught by the credit card company because of an incorrect expiration date. We are with you in wanting action on this. Please notify me.
Marite Currier
Reply to this
Marie I wanted to share my experience w/ you...To all concerned: I followed the directions on the letter until I was at a point of being asked to give the every info they had lost in the first place, BNY, this is after calling the tel. given on the suspect letter, which is authentic. I spoke to someone in Malaysia, this gentleman was super blasé. I asked how and why they had my info to begin, he could not answer my question, I asked why they had taken so long in leaving me vulnerable for 9 months, he could not answer. He reiterated using the triple protection plan. I then explained that some were being charged for the service, he responded that it was free, whatever. I told I him I was leery about trusting a company that could adequately inform customers about about such a huge breach of security. I asked him what will happen after two years when said stolen info is sold and used, he said there was nothing he could do. I asked is there anyone living in the US at BNY who could answer my questions. I was transferred to an automated loop and never spoke to anyone. So I decided to to sign up w/ LifeLock at $100 per year. It seems that no one has used my info, but I may be wrong while I am still waiting for credit reports. I had mentioned to the customer rep. that BNY should be have enrolled immediately upon discovery of sensitive and personal info in February, and then in April when it happened again. I also asserted that BNY should also should be responsible in paying, in full, for my credit protection for the rest of my life, why should I be lifting a finger to protect myself after their mistake, "I'm paying for BNY's mistake-for the rest of my life?" I asked as well, he
said nothing. I had also mentioned to him the pattern I saw on the "BreachBlog" of those affected, it seems only people w/ good to excellent credit were among those affected, no answer from the man in Malaysia. After very frustrating searches and many calls, a Law firm in PA, Benjamin F. Johns at CHIMICLES & TIKELLIS LLP, One Haverford Centre, 361 West Lancaster Avenue, Haverford, Pennsylvania 19041, has started a class action lawsuit, but could not help me due to me being a resident of NY State. He stated that there are many affected by both breaches that have still yet to be informed. He also mentioned that the breaches have more likely affected more that 12 million individuals, and will continue to climb. I've yet to find an attorney or firm/group that is doing the same for NY residents, who are also conveniently not covered by the "$25,000 theft insurance" that everyone is entitled to; adding insult on top of injury. I would greatly appreciate if anyone can help w/ this matter re. class action lawsuits in NY. -G. Valle
Reply to this
I just got my letter from BNY Mellon. I too was concerned it might be phishing. Mellon deals with many different retirement plans in addition to their own products, they handle an old plan of mine. Anyway.. I just signed up on the Triple Alert. I did this after going to the BNY Mellon homepage and checking things out for it being authentic. You can do this yourself by going to the Mellon homepage www.bnymellon.com (type it yourself or google it if you are concerned about possible redirects). Then select the "News and Events" subcatagory "Press Releases". From that page type "tape query" in the search box and search. Then select the "August 28, 2008" release. Then read the release and select the www.bnymellon.com/tapequery link near the bottom of the release. This takes you to a page that allows you to enroll in the credit monitoring.
I was suspicious just like the rest of the people here, but when I did the above, I knew that it was legit. Yes, you have to give social security numbers and maiden name, and answer a couple follow up questions to ensure you are who you say you are. No prob!
I recommend going thru the steps above just to assure yourselves that indeed you are at a legit site, but I have no problem also recommending just typing in "www.bnymellon.com/tapequery" as instructed in the letter.
I'm not worried. Doug
Reply to this
I also received a letter informing me that my personal information was compromised due to the mishandling of information by BNY Melon.
At the risk of being hyper-critical I ask: Was there a motive behind the loss of the box of tapes or was it purely a mistake by the archive services vendor? We will be sure of a motive if anyone involved becomes a victim of identity theft. I will report back promptly if that happens to me.
Also, I am curious if there might be a correlation between the 35,000 individuals who were lumped together in the same box that was lost.
My credit score is fantastic (hope it still is) and my last name starts with a K. Do these two facts correlate with anyone else who received the letter?
Reply to this
I am a retired UPS employee and rec'd a letter today also. I am wondering if anyone else is fearful of putting "all" their personal info on the Triple Alert Website in order to get the "free" monitoring!!!!!
Reply to this
The letter arrived on Monday (6/23). My first thought was to go to the website and sign up. That is until I got to the page where my Social Security number was needed. Oh yeah. Like I really want to put that out there for someone else to hijack!
So I decided to call. I've been trying since yesterday (Tuesday) with wait times between 10 and 15 minutes. Each time I hang up. Today I decided to put it on speaker phone and just wait it out. I'm still waiting and my timer says 43 minutes and counting.
My question is: Mellon screws up and I have to waste my time signing up for credit monitoring? There's definitely something wrong with this picture.
The down side of a class action lawsuit is the lawyers get all of the money and the poor suckers whose info was "lost" will get $35 worth of certificates to use for something worthless.
Deja vu all over again. This same thing happened to me a couple of years ago with Wachovia. UPS was involved in that one too.
Reply to this
My name showed up as one used incorrectly by a credit card company from the 80's I don't believe this can be from Mellon. I too had my doubts when asked for my ss# on the Alert Site. No way I wasn't born yesterday. All the credit bureaus have my ss# already. They don't need me to give it to them again. This is BOGUS. I use to work for a large bank up until last year. They too had some kind of breach. They did offer a one year free credit report and I did take advantage of using it. I know that wasn't bogus and it didn't cost me a dime and I didn't need to give out any info or SS#.
Reply to this
my thoughts exactly. how do i know this is a legitimate site to register and providing them with my SS#? shouldn't they already have it on file??
were you able to get thru or are you still trying?
to be honest i'm a little weary about this whole thing. i bought stocks in Disney many years ago, granted the idea was sound at that time but nevertheless it was done. i then since moved several times so how the heck were they able to track me down since i didn't notify the change of address? you have to question it, did they use my personal info to track me down-- if that is the case, shouldn't they already have my SS#????
hmmmmmm---
pls respond to this note and let me know what your final verdict was-- thanks a lot-- take care and Happy 4th of July!
--paul
Reply to this
My guess on this is that BNY pulled a list to verify addresses the same way mass marketers would. Of course BNY has your SSN. The are just contracting with the company that is provided the credit monitoring & the code the give in the letter is likely just a discount code to make the monitoring free. That way the Credit Monitoring service doesn't get any of your info until you partake of their services. Would you rather BNY provide the monitoring service with all your info in advance?
Reply to this
I received letter on 6/20 that my info was in the missing box.2 weeks prior my freind was notified. prior to that his aunt was notified . we all have one thing in common , disney stock. I tried the phone # first, but they require my SS# so i figured i would try this . Now what?I tried the websitebut didnt get any where. Ive got a feeling there is some kind of scam going on. please let me know what your plan of action is, Thanks . Greg
Reply to this
The only stock I have is Disney, like a bunch of other people talking here apparently. I just got the letter today, though it's dated 6/13. I'm also a bit scared to give them my SSN. It says for confirmation purposes, but shouldn't the activation code be enough? I did manage to get through to the phone number right away though. It seemed pretty legit but I'm still not 100% sure. What do you guys think?
Reply to this
I ALSO have Disney stock and received my letter today as well, I'm in Maryland. I called Disney and they confirmed this actually happened and they told me to call the # on my letter. But when I got my letter they were closed, I immediatley signed up on the Triple Alert website as a precaution because this happened in Feb and Im just now being notified about it, 5 mos later! I also called all companies I have a credit line with and was able to change my account info, etc. They will paying extra close attention to my account activity from here on out.
Reply to this
Greg,
I have Disney stock as well and I don;t think it is a scam.. There are too many articles on this matter and the lost box of tapes. I called Disney tonight when I received the letter to make sure this wasn't some BS scam artist trying to get my SS#, etc. Disney verified that this really did happen and they were actually very non-chalant about it. I am contacting an Attorney immediately! Here is the # for Corporate Disney: 1
Reply to this
THANKS FOR THE PHONE NUMBER. WHO ARE WE TO COMPLAIN TO? Shouldn't NY HAVE SENT OUT A LETTER TO ITS SHAREHOLDERS INFORMING THEM THAT THIS HAPPENED? I JUST GOT MY LETTER TODAY. IT WAS DATED SEPT 23, AND THIS HAPPENED ON FEB 27! IF YOU HAVE THE NAME OF SOMEONE TO SPEAK TO AT DISNEY I WOULD APPRECIATE IT.
Reply to this
No Disney stock here. And TAPES? What year is this anyway? Tho uses tape anymore? I think this is a scam to get people to sign up with this credit reporting company. It's only free to start. Some people will actually continue to pay anual fees for this "protection". Everybody I know has had "breached" financial information. Hmmm. Makes you think.
Reply to this
I agree - I think this is a scam to get people to sign up for a credit monitoring service - I received this letter in september and this happened in February - I already have a identity theft service so I don't need the specific product they are offering -This whole thing rubs me the wrong way because I don't own any stocks or investments and I have never had any dealings with this bank - Yet, they have my name and address.
Reply to this
Paul,
I received a letter today and I thought it was a scam, I had never heard of BYN Mellon but I have stock in Disney. I called Disney to ask them about this and they were very non-chalant about it and told me to call the phone # in the letter. When I got my letter it was conveniently after their hours so I immediatly signed up with Triple Alert. I cannot speak from persnal experience with them, since I have never had the need to sign up before but I hope I didn't make a mistake.
Reply to this
Hey Paul, I received a letter from BNY Mellon re: the lost info. I called the Atty Generals Office in Ct. and they told me that it was all Legitimate, and the Atty Gen. got the two free yrs of credit reports for the customers who were affected by this. I was still very leary about giving out my S.S.# and I Didn't give it! What's your thoughts on this. Thanks, Jerry
Reply to this
HI MARLENE-JUST READ YOUR BLOG NOTE RE CONCERNS ABOUT FILLING OUT THE TRIPLE ALERT 24 mos SECURITY OFFER. YES, I AM CONCERNED ABOUT FILLING IT OUT. THERE IS ALOT OF PERSONAL INFO IN ONE SMALL FORM. I HAD NOT READ OF THE BREACH UNTIL I REC'D A LETTER FROM BNY MELLON DATED AUG 27!! YOU ALL SEEM TO BE WAY AHEAD OF SOME OF US. BUT I GUESS I AM GOING TO FILL IT OUT AS I HAVE TRIED CALLING THEM AND e-MAILING AND HAVE GOTTON NO RESPONSE. HEIDI
Reply to this
I just received a letter this week but do not own any Disney stock. I do work for a company that uses MetLife, which was mentioned in the press release. So it could be breach of the information MetLife has on me; dental insurance for one.
Reply to this
I received a letter also and decided to enroll in Lifelock and bill BNY
Reply to this
That is a good idea. How do you go about billing BNY? Have they paid you yet? What will you do if they ignorne your bill?
Reply to this
I received my notification letter from BNY on 9/9/08. No way will I put my info on their Triple Alert website!
Reply to this
When I spoke with BNY, they explained that Triple Alert is an Experian product. They are one of the credit reporting agencies. I already have a credit checking company, Privacy Guard, so I'm going to call them. I will say that the FTC isn't being very helpful.
They did verify that the incident is legit, however.
Reply to this
I got the letter today and I couldn't figure out what info was compromised until I found this blog--I am a retired UPS employee and my last name starts with A--What about my spouse??? his name and ss# is on my account--I am mad and I am calling Mellon tomarrow
Reply to this
My last name starts with L and I also have good credit. I am also told that in my state the insurance can not be obtained-only the monitoring!
Reply to this
I also have (hope I still do too) fantastic credit and a last name that begins with K...
Reply to this
My credit score sucks. hopefully if someone steals my identity they will build me some credit. (heh). I received the letter today, have NO affiliation with UPS (besides receiving the occasional package), Live in Carrollton, TX (Dallas) and my last name starts with "P". My only bank account is with Capital One; and have a JC Penney card and a Valero Gas card. How the heck did MY information get on that tape???? If anyone has any similarities, let me know.
Reply to this
Ok. i am confused and pissed. So far, I've read that people do have stock in Disney, and some work or formerly worked with UPS. Well help me solve this one: My husband and I HATE DISNEY world-we have NO stock in it, and , get this- I have moved since we were ever in DISNEY (2002). We DID not provide those people any personal info-(you know when you do that 90 minute thing to get a discounted vacation)-so...they mailed the letter to my NEW address (it WAS NOT forwerded)...interesting. I have not been notified by my own personal monitoring service as of today. I'm still worried (I worked hard as hell for my good credit!!!!!!) but I think it's a scam!!!
Reply to this
I have terrible credit and my last name starts with A. Go ahead steal my identity I pay for my stuff with good old cash!!! Im so sick of all these glitches and f&*%$$ up companies.What kind of world do we live in? We have to protect ourselves from losers trying to steal our identity now!? Karma is good!!!
Reply to this
I just got this letter yesterday I live in the bronx and do not have great credit. I never owned stocks with disney or have never worked for ups I have a capital one loan account and a couple of store credit cards. My last name begins with a "T" dont think this is legitimate either believe my name was given by one of the creditors to sign up for this "free credit monitoring. Sounds bogus. not sure what to do except watch my accounts.
Reply to this
You solved this whole SCAM, hope everyone takes time to read this. I am a JCPenny cardholder (NOT in the future), they have sold my info to Mellon for this Scam. My name (as included on my "official NY mellon shareholder letter") is ONLY USED ON MY JCPENNY card, no one else has this unique (and incorrect) naming scheme. Truly a marketing thing but think Mellon's CEO must be fired for such deceptive practices (think how much time has been spent by U and everyone else who got this crap). Am contacting JPC now, our relationship has ended - they will now be less $5K/year...
Reply to this
I live in The Colony, TX (very close to Carrollton) and have a Capital One credit card. I've never owned any stock in my life, yet I got the letter today. I don't know what the hell is going on.
Reply to this
My credit score is good. I have no affilitation with UPS, disney stock, or anything else mentioned in these blogs. I live in Sevierville, TN and last name starts with "M" I just recieved a letter from Mellon on Sep. 18. I do have a bank of america account, Belk account, suntrust, goodys, but have no stock that I know of, so your guess is as good as mine. How the hell did MY get my info???
Reply to this
They got your info from the credit bureau. The credit bureau's always have your latest addresses on file.
Reply to this
mellon handled bank of america sometimes in the past... That company went thru reorg. just can't remember the date
Reply to this
I was just notified (6/24/08) about this lost box of tapes and am furious if this is in fact true. I came on this website to try to legitimize this occurrence of missing tapes by BNY Mellon Shareowner Services. My last name begins with B but haven't checked my credit score. It seems strange that we two would be in the same box (given our last names). Can you help me legitimize this having happened. I have called BNY Mellon but haven't activated my free credit monitoring.
Reply to this
My name ends in L and I live in Florida and just got the same letter. My broker said it sounds like a credit monitoring scam.
Reply to this
Did anyone sign up?
Reply to this
Funny, I just was notified (6/30/08) about this lost box as well. My last name starts with a "Z"! I haven't been able to get through to anyone at the number they provided, but it sounds like that's not going to do much for me. This also involves my five year old son because this was regarding Disney stock that was purchased for him when he was born.
Reply to this
My last name starts with B, and I got that letter informing me that my personal information was compromised just this week: 6/20/2008. What have you done about it?
Reply to this
I don't know my credit score but it should be very good. My last names starts with C. my son's name begins with W. He wouldn't have much of a credit score since he is only 18 and has no credit cards, only a ATM card.
Reply to this
my last name does NOT start with a K and my credit score is mediocre. Im also a female in MD.
Reply to this
We received the letter this week (8/30/08) so they are still notifying people. My name begins with K as well. We also have great credit history so maybe there is a pattern emerging!?!
Reply to this
I just received my letter yesterday.
Last name = "P"
I don't have stock in UPS or Disney - but do have MetLife.
Has anyone tried registering for the "free" credit monitoring yet?
Reply to this
I just received my letter yesterday as well. Last name: K
I have dental insurance with MetLife Inc. I found out the source of the data from the AG's letter cited below.
Reply to this
I just recieved my letter today. I do own a large number of stocks that BNY Mellon handle transfers and purchase of. I happen to call the 'Help' number and talked to some one in MANILA! Amazing. This has been the thrid or fouth time that I have been 'notified' of the incompentance of those that we trust with not only sensitive transations but personal information! AND WE SHIP OUT THE HANDLING OF THIS SCREW UP TO OTHER COUNTRIES! Absolutely AMAZING!
Reply to this
I also received my letter today. It says that according to BNY Mellon and JPMorgan, the data back-up tapes contained personal information and that I am one of the Honda ADR holders whose information was contained on the back-up tape which was lost. I don't own Honda stock; however, I did purchase a used Honda in June 2008. Also, I must reply by 9/8/08 to sign up for the free credit monitoring service....I think that I'm going to pass since I have only one day to investigate further and just hope for the best.
Reply to this
we got the letter yesterday. No Disney stock, last name starts with A. I did get a letter last summer that my 1stBank debit card had been breached. We do have several stocks, but no Honda. We seriously don't know what to do. We can't get through any of the numbers either.
Reply to this
I too received a letter on 9/8/08 involving lost tapes affecting "Honda associates and retirees" who hold ADR stock. I do not, have not and never bought any Honda products, and the only stock I have is in my retirement fund. My letter conveniently arrived on 9/8 stating that I had until 9/9 to sign up for credit monitoring. Seems very fishy. The closest I can come up with is that I have a Chase CC, which is named in the letter, so I'll be calling them.
Reply to this
I rec'd letter 9/9/08 postmarked 8/27/08. Addressed to Honda ADR Holder stating I recently received a letter from BNY Mellon Shareowner Services notifying me of lost data backup tapes affecting Honda associates and retirees who are ADR shareholders.
My last name starts with "K", I have owned disney stock but not for 7 yrs, don't work for UPS or Honda. Bought UPS stock when they initially went public in 99/2000 and have never owned a Honda. I did find it interesting that you mentioned your letter stating your account with Chase CC why would your letter mention that? I have several visa/mastercard credit cards and there is no mention of any of that in my letter, it has no bearing.
My letter states I have until the 9th, yesterday to activate, didn't receive until the evening of the 9th. When I called the 1- number a recording states the activation date has been extended. Speaking to a person I told him my letter says this is the 2nd letter I was sent and the 1st letter contained the activation code. I advised him this was my 1st notification and he said that was an error that this was actually the 1st letter and that there wasn't a 2nd letter. I have moved 5 times since I owned disney & UPS stock and they have my correct address on this letter, strange. This whole thing sounds a bit fishy.
Reply to this
I got the same letter. Never worked for Honda but I've bought two. A friend of mine got a letter also but her's was to Bristol-Myers employees were we use to work. I went to the website but stopped when it asked me for my SS #. I smell a rat!
Reply to this
I received a letter 9/17, also other letters from them in the past, I have thought it was a scam or a collection agency. I have some Merck shares, but nothing else. The form letter has a "one time use code" but the letter looks like they are all the same crappy print, not a unique code.
Reply to this
I received a letter 9/17, also other letters from them in the past, I have thought it was a scam or a collection agency. I have some Merck shares, but nothing else. The form letter has a "one time use code" but the letter looks like they are all the same crappy print, not a unique code.
Reply to this
REPLYING TO YOUR INQUIRY RE-LAST NAME. MINE STARTS WITH D
Reply to this
I too received this letter on Sept. 15. I noticed that some received their letter in June which I can't understand why so long in between. My credit is fantastic and my last name starts with a Y. I am still unsure about all of this.
Reply to this
Yes I have also recieved the letter Have not yet figured out how I am linked to BNY Mellon and I have steller credit rating and yes my last name starts with a K.
Reply to this
I too, received a letter today, September 17th. I have read through all of the blog comments and I am quite perplexed why I received my letter in Mid September while majority of the others received letters back in June and prior. I called the # on the letter and they told me they could not escalate my call to a manager or someone in charge and I needed to sign up for the Credit Monitoring Service. I received my letter in my maiden name but at my current address. I have been married for almost 19 years and very dubious that this letter is non-fraudulant since prior to my name changing, I had just gotten out of college and had no dealings with UPS. Have taken a disney cruise and of course stayed @ the disney resorts. Additionally, I have a JS Penney card that has not been used in 18+ years so maybe this is the missing link for me. But, I will use lifelock and/or call the credit bureaus to place a credit freeze on my credit reports before I will ever sign up for Triple Alert and give up SSN#.
Reply to this
My grandmother was sent this letter and she died 4 years ago. She had great credit and great record keeping. This has to refer to something she never had or no longer has had for several years. Could this letter be a way for a hacker to read our messages on this site and get access to our computers and use them in identity fraud?
Reply to this
Yes, my last name starts with a K.
Reply to this
My daughter received one of these letters today. She has never owned stock and the only link to BNY could be the supermarket where she works part time. I wouldn't let her reply to the web site since it asked for her SS#. She contacted other employees and none of them received this notice. Last name starts with "T".
Reply to this
I got my letter today (Sept. 22, 2008). It was the first I had heard of the compromise. Also, I have a very high credit score and my last name starts with a K. The only stock in my name is BP.
Reply to this
mellon is the agent for BP PLC stocks. but the communication center for BP stocks is for JP morgan 18009901135.
Reply to this
My credit score is fantastic also and my last name starts with a L. I received my letter on Oct 2nd which is absolutely unreasonable. So they had to do their investigation, get the credit monitoring service set up and establish a website to explain the circumstances. So what, there should have been notification immediately. This is quite unacceptable behavior for a business.
Reply to this
no not at all acctually i have not the best credit and my last name is D so it dosent make much sence
Reply to this
I received my letter in late September. Replying to your post. My last name begins w/ "V", and I also have a great credit score. After reading most blogs/posts, it seems everyone who got this letter has good/excellent credit. It all seems odd and too convenient.
Reply to this
I got a letter as well...
Reply to this
My husband(UPS) just received this letter yesterday (4/14). More than ONE month after the files went missing?? The letter wasnt certified, so who's to say we even received it?? Very lax of Mellon in my opinion....Who even knows for sure if this letter of from MELLON??
Reply to this
I called today by broker suggested making them send a letter stating that no personal info was compromised...Ups said they would---we will see--I also complained about the looks of the letter(ie Junk mail look) here is the direct # this is UPS call center..
Reply to this
I tried to verify if the letter really is from Mellon. Their address for Mellon Shareowner Services online is listed as: PO Box 358016 Pittsburgh, the addresson the letter is: PO Box 358630. The phone# listed online for MSS is: . The letter says: . When I checked Experian's website, they offer something called "Triple Advantage." The letter says it's Triple Alert. Has anyone been able to verify if the letter is really from Mellon? My husband got the letter for a now-defunct 401k account. We put a credit freeze out on both our names.
Reply to this
The address on my letter is totally different; PO Box 1570, Manchester, CT
Reply to this
that is the address I have, PO BOX 1570 Manchester.
Reply to this
PO Box 1860 on mine
Reply to this
PO BOX 1860 on mine as well. Just received it today 9/17, and the letter is dated 9/15. I, like all of you are trying to figure out if I need to worry about this or not... seems like a scam. But there is legit news about the breach. Very strange... can anyone shed credible light on this?
Reply to this
P.O. Box 1860 on my letter. Manchester, CT
The phone umber is different than those stated above: .
Letter is dated September 15th, but I just received it today, 9/25.
They also give this link in the letter:
http://www.bnymellon.com/tapequery/
We have no UPS or Disney stock, but think that they might be the new transfer agent for some other stock we have.
Reply to this
My letter is dated August 27 '08 and has this same info on it. I have had no affiliation with, nor owned any stocks of, Disney or UPS. I DO have many other accounts, investments and charges and would like to join together to get an attorney to get to the bottom of this. They are scaring us, perhaps unnecessarily, and PERHAPS trying to take advantage of us while saying they are "protecting us." I'm not giving them any info!
Reply to this
S-C-A-M!
Reply to this
My letter also states the address and phone number 1860 CT and . I received my letter Aug 27,08. I too do not have any UPS or Disney stock, so Im wondering what it is that involved me.
Reply to this
I just received my letter yesterday. 9/29. The PO box on my letter is 1810 Manchester, Ct. I use credit protection on one credit card and was told by them to call a credit burea and have them put a fraud alert on my accounts.I would only do this if I felt it were absolutly necessary.Very inconvient.
Reply to this
PO Box on my letter is 1810
Reply to this
po box 1860 Manchester, CT 06045 and how did this company get my current address? i am unlisted, have no hardwire home phone (all cell) in addition i have not held any stock since i lived in a completely different state.. LASTLY i never notified that state of my address change.. so in theory i can find no evidence to support the validy of this letter. in my personal observations this is something to be avoided at all cost. I am also considering notifing the local media just to see what the reporters can dig up.. we all know how they love to discover the lastest scam.
Reply to this
I'm with you Bill. The address on my letter is POB 1860, dated 8/27 and I received it today, 9/12. I have never owned stock in Disney, don't work or own stock in UPS, never owned or driven a Honda, have mediocre credit and since I am gearing up to purchase a home I already have a credit monitering account in effect. My first instict was that the letter was a scam generated by the consumerinfo.com site. I will monitor my credit as I have done every month in the last 6 months and pray for the best. My last name starts with "M" and I live in CA.
Reply to this
I just received my letter 9/6/08 and my PO Box on my letter was different 1860 Manchester, CT 06045. This is scarry isn't it.
Reply to this
I just received a letter re: JPMorgan / Honda and the address is PO 64507 St Paul MN
Reply to this
I too recieved a letter yesterday - I am
relentless about my security... I called mellon, they refused to tell me
anything about my loss.
Keep in mind you probably don't have a
direct relationship with mellon -
go to small claims court - file a suit for the max allowed in the court, and see what happens.
You do not have to take this
and I won't.
Reply to this
Received my letter 9-8-08
RETURN Add: PO Box 1860
Manchester, Ct
We haven had credit cards in approx.,
ten years. No Honda or Disney or UPS
stocks. I have made stock purchases and
sales in the last five years. Haven
been able to receive any help with the
phone nuimbers, plus my computer
security system block one of the web
key-in with possible faud msg..
Reply to this
I just recieved a letter. I don't have Disney stock and am not affiliated with UPS. The address on my letter dated 8/27/08 is PO Box 1810, Manchester, CT 06045
Reply to this
I also got the letter on 09/15, and I called the # and talked to some fast smooth talking young girl,you could tell she was scripted what to say, and to call that# to sign up!.. It is a scam, because she kept saying I can't give out any information! Just kept pressing on need to call the# to sign up for the credit monitoring service! I also am pissed! I work for J.C.Penney year ago and I still have stock with them, and also have a credit card I am going to take legal action, and if they give personal information, to be at risk for identity theft, I feel we should file a class action suit. Now we all have to worry about this, even if this could be a scam, because of the risk of hackers! I work for a collection agency, I was shocked all the techniques they can use to get personal information. I think we should make BNY and all the companies who sold our information to them responsible and we should all banned together and start a civil suit, trace where this letter came from, and hold them accountable!!! My last name begins with a "R" and I also have good credit.
I am going to move my stock and close my JC Penney, and no be a customer! Of all the dirty tactics,just to get more $ for the low-down credit service. If it is legit, and they did lost our information, now we have to suffer and worry if our credit is at risk, and they should pay!!!
Reply to this
hahaha... this is funny. that letter is legit and as well as for promotion. i strongly believe that no information is compromised and Lots of us actually believe that this is a faction between bnym and the credit monitoring companies. we hate this missing tape letters as much as you do Ms. R! you can enroll in free credit monitoring but if you are a holder of any stock which bnym handles then you are impacted. HAHA because we think that this type of letter was sent to all of the shareholders. historical or not, impacted or not impacted.
Reply to this
I called Mellon in Pittsburgh today and they said the letter was authentic.
Reply to this
I received a letter from Mellon. I do have stock in Pepsi and Diebold. After getting the run around from Mellon I stopped by the police station to check on identify theft. Until something happens or someone steals my personal info the police can not do anything. Anyway I called Experian at 1- AND I GOT A LIVE PERSON there is no charge for this credit alert for two years. I would rather be safe than sorry. I did go ahead and order this info. There was no charge to me.You just give the person on the phone your personal info. If you call the number on the back of the letter this does not give you the option for entering the activation code.
Reply to this
I received the same letter on 9-22-08 and thought it was a scam. After calling Mellon they could not give me any additional info. I called the credit bureau and they indeed informed me this was not a scam and very legit. The code they ask that you use is a code for their systems that will identify you as a compromised account holder and will assure there are not charges.
Reply to this
The letter is legit. You have to keep in mind w/a corp this large we have to send letters that look like they did. We also would have a different addr & ph# online from whats on the letter b/c duh the # listed on the ltr is a dedicated line just for this situation & the addr as well is a dedicated addr specifically for inquiries on the missing tapes. There are steps that you have to follow in order to make something like this go smoothly. We have not recvd any reports that anyones info has been misused. When you sign up for the monitoring it will date back to the date it was reported to our Co that the info was missing. The whole purpose for the credit monitoring is to stop identity theft from happening. So IF you enroll & someone actually does have this info then you will be notified BEFORE the requested credit acct will be approved. That is why Experian asks for your ph#, addr, email, & other personal info so that you can be notified BEFORE anything happens. That is why we also provided you w/ the ph# for the FTC (Federal Trade Commission) so that you could also place a fraud alert on your credit file. None of this actually affects your credit file or score, it just allows us to monitor your info. The fraud alert will also delay any requested credit accts from going through. Even if you apply for credit somewhere it will be delayed for further verification. It will not affect the outcome of the approval or denial it will just delay it for the full verification. As for the credit report. You are obligated to 1 free credit report each yr. We are NOT offering the credit report. That is why we gave you the web addr & ph#s to each credit bureau so that you can request it. If you have requested your free credit report in the last 12 months the you will have to purchase the report. AGAIN we are NOT offering the credit report, we ARE offering the credit monitoring for 12 months. if anything happens after the 12 month period, then you can always file a claim w/ our Co. You will need to send it to the address on the top of the letter. I hope I was able to clear things up for you all if not then call the # that is on the letter. That will take you directly to the dedicated individuals who can assist you.
Reply to this
What happens if the unthinkable happens I expect a lot more then credit monitoring! Who is going to compensate me for hours spent getting my credit and identity back? This takes time and YEAR’s.
I personally do not want to accept anything from Mellon; it may mean that I agree to some terms I do not know about.
Reply to this
I received this letter in the mail as well, and although I am a user of the shareholder services, I do not believe this letter is legitimate. If CSR is indeed representing the company, he would never in his right mind use abbreviations only appropriate for text messaging. Seriously? Legit and #s? I am almost certain this is a scam after reading that post.
If Mellon was aware of the incident so many months ago, why are we only now receiving these letters?
Furthermore, I typed "triple alert" into the experian.com search engine, and no results came up. Only triple advantage. Upon examining the experian logo on the experiandirect website, i can see evidence of photoshop work below the icon.
I am very skeptical that this is, in the words of CSR, "legit".
Reply to this
One year is not enough. Anyone who steels identity will wait the year until credit monitoring expires. Then we are expected to pay hundreds of dollars for your mistake. There should be a cash settlement!
Reply to this
IMHO you and this entire campaign is a very sophisticated ID theft scam prolly sanctioned by certain institutions within the industrial and regulatory world. What better way to ruin our (Americans) financial status even more than it has already evolved to since 2001? If you want to bankrupt and Depress a nation what better way then through a strategic mortgage crisis and a personal credit destruction ploy via a sophisticated 'phising' scheme like this seems to look like. IMO your posting is quite specious and insulting.
Read book: "Confessions of an Economic Hit Man" by John Perkins (ex-NSA employee) - wake up America and stop being amnesiacs!
Reply to this
You can't be serious! The credit monitoring isn't free - it's just a trial offer.
I called twice - no one could tell me what companies were effected and how they got my info. One lady said the computers were down for 24 - 48 hours, five minutes later another lady tells me the computers are fine but she still can't answer my question - someone can call me back.
The tape was probably lost on purpose - -HUGE SCAM -don't give them your activation code - it doesn't give you more info, it just gives them confirmation about you.
Reply to this
Yes, this is a HUGE Scam. Do not give them any information, in fact I was advised by our Financial Advisor at Merrill Lynch to not even sign on to the website they give you.
Reply to this
It seems a real person from the real BNY Mellon would give more than their initials. I received a letter today, dated August 27th. There is no way to tell if the so-called unique code is actually unique. My address has changed recently but my new address was on the letter. Also, I haven't owned any stock for years - so why would Mellon Bank still have records? If they are keeping "lifetime" records on people, they are probably open to a class action suit; and they should be audited and, perhaps, penalized by all appropriate government agencies. Also, they should be able to tell me the specific reason why they have my name in the first place but they didn't.
Reply to this
I received the letter today, and have been researching to see if this is a scam. My address changed recently also, but the new address was listed. I do not have stock in Disney or connection with UPS as previously mentioned. I have no idea where they would have gotten my info. I have not contacted them yet, but it sounds like you did not get anywhere anyway. Are you going to just monitor your credit yearly?
Reply to this
You're absolutely right. I need more information from them before I provide more of my personal information. I have no idea why they would have my name. I received the letter today and I don't have a relationship with these people (that I know of). I haven't owned stock for years, my credit is so-so and I just refinanced my Hyundai Elantra through Wells Fargo. I pretty much live from paycheck to paycheck, but my bills are paid. I'll open an account with LifeLock and monitor my own credit.
Reply to this
I am curious about this response. A legitimate company would not respond in this manner or write in this manner. This makes me believe that the letters are a scam. Sorry-you did nothing to alleviate my fears.
Reply to this
My husband received this letter a few days ago. We could not figure out where they had gotten our info, we had never heard of them before. Called the toll free # and also got Manilla. They gave me a customer service #, which I called and they said they couldn't tell me what company the info came from, could have been something from long ago. I asked them if they had any affiliation to Bank of America and guess what! They in fact had acted in a management capacity (and I use that term loosely)prior to 2004. They still have all of that old information, or had until it was lost. I took a look at the "Triple Alert" application and have decided NOT to sign up as they are asking for our social security number and if this is a scam I'm not going to help add to their information!
Reply to this
If you are a CRS for Mellon you just proved to me this is a scam. What big business would reply with "Duh" when replying to individuals involved in such a serious issue you company created.
Now it appears in this marketing scam that you have to offer 24 months security in order to make it enticing.
If this is such a big company why is everyone having issues getting information and talking to a representative?
Reply to this
Has anyone signed up for the credit monitoring?
Reply to this
unfortunatley I believe this is a load of crap. I HAVE NO STOCK and if this Mellon company has any of my personal information they have it illegally. If they were offering a free credit monitoring service for their mistake they would not have you pay for it first.
Reply to this
Thanks for the note. When I tried to sign on to the credit monitoring -- after using the one-time activation code -- they tried to sell me a $40 report. Sounds like a scam.
Reply to this
The name of the storage/transport company is clearly stated in the Attorney General's letter below -it is Archive Systems
http://www.ct.gov/ag/cwp/view.asp?A=2795&Q=416000
Reply to this
Well my co worker at UPS in a Canadian office just found out that his identity was used in the US for a college student in some form or other. I am not clear but he received notice of some illicit transaction of funds, through his identity. He is looking into this so I am worried. I sure hope this is not related but could be. Being a Canadian who contributes as my American neighbors would I have little recourse. I can contact equifax and hope for the best.
Reply to this
I have spent over an hour trying to figure what this is all about. Held for 15 minutes trying to sign up for the FREE credit monitoring and gave up. It is free-if you can get someone to talk to you??!!!
What good is this free credit monitoring if they do not give you an instant call!
I called and talked to a Mellon supervisor and he was no help at all!!!
You would THINK MELLON WOULD BE RESPONSIBLE FOR MORE THAN THE HASSLE THEY ARE PUTTING US THROUGH!!
Reply to this
Interesting that it took Melon so long to respond to me about this. I received the notification letter only today (5-30-2008), far too long a delay. I did not want to reply to the letter (register on the website) until I was able to verify that the letter was true, came from Mellon, etc. I have checked several websites to verify that it is legitimate, am not sure if I trust Mellon to do what they are saying or not - what devious information might they have that I do not see if I register?
Reply to this
I was not able to contact Mellon direct through the same means previously used when I thought my account was safe. When I call the 888 number to "WHO KNOWS WHERE”, (a special line to handle this situation) I inquired what information the Customer Care Representative could see about my account. He had it all, SS#, address, Account #, ALL. He could not answer any of my questions and I was told someone would get back to me soon, how soon? He could not answer that either. So NONE of my questions where answered. However, I have to say the Representative was extremely nice but not knowledgeable in the least. I do not trust them.
Reply to this
Connecticut Attorney General's Office
Press Release
ATTORNEY GENERAL, DCP ANNOUNCE TOP 25 COMPANIES WITH CT RESIDENTS AFFECTED BY BANK OF NEW YORK MELLON DATA BREACH, BANK TO PROVIDE FREE CREDIT PROTECTION
May 30, 2008
Attorney General Richard Blumenthal and Department of Consumer Protection (DCP) Commissioner Jerry Farrell, Jr. today announced the top 25 companies with the most Connecticut residents affected by the Bank of New York Mellon data breach and that the bank has agreed to provide free identity theft protections for 4.5 million potential identity theft victims, including almost 500,000 in Connecticut.
The 497,333 state residents -- the vast majority depositors of People’s United Bank or shareholders of John Hancock, Walt Disney Company and TD Bank Financial Group -- are at risk of identity theft after a storage company hired by Bank of New York Mellon lost an unencrypted backup computer tape on Feb. 27 containing their personal financial information, including Social Security numbers, names, addresses and some bank account data.
SOURCE: http://www.ct.gov/ag/cwp/view.asp?A=2795&Q=416454
Reply to this
Hmmm ... my husband and I just got a letter and WE DO NOT have anything to do with this company, do not own stock, nothing, zip, nada .. Makes me wonder what they had on us ... I never worked for UPS, neither has my husband... Definitely interesting to say the least.
Reply to this
My husband just got the same letter and like you we DO NOT have anything to do with this company as far as I know. My husband's name is Riccardo and it was addressed to "Rick". Any official documents he has would be in his full name not Rick. Certainly bank accounts, credit cards and stock are in his full name. So where would they get this name? Very strange. What are you all doing about it? I'm apprehensive to call or go online and give any of my personal info to anyone.
Reply to this
Very interesting. Got my notice in the mail today as well. 3 months after the trouble. I have owned stock in the past from several different companies. It looks like they offer several different types of services. You could be in their system and not know it. They are a middle man type company that works in the background. A funds transporter, not a manager. They don't offer investment services, just a way for a big business to offer stocks and retirement services to employees. They move money from here to there and back as needed and do so "securely"...So if you wonder why they have your information, it could be for a million different reasons.
Reply to this
I got the letter from Mellon, went to get the credit protection, and they want my Date of Birth, SoSec No. and mothers maiden name. I assumed it was an attempt to steal my ID info. My stock broker knows nothing about this. When I find out what bank or broker or whoever I'm with that is screwing around like this I'll raise hell and black list them. Anyone Know How To Learn What Company Did This? I have Never Done Business With NYC Mellon.
Mike in Northern Calif
Reply to this
I actually signed up for the credit monitoring. I went ahead and submitted my ss#, but I too was a little weary so, when I saw all the info they wanted I thought that was a little odd. I went ahead and submitted everything but without the real information just in case. so we'll see what happens.
Reply to this
I also received one of the above letter’s, my question is if Mellon has all our pertinent information WHY are they asking for your social security, mothers maiden name, date of birth, etc., etc. - exactly EVERYTHING that the bad guys need to steal your identity.
Does anyone else feel uncomfortable about supplying this much information?
Reply to this
Totally uncomfortable in providing all
detail requested. If you have the identity information, why are you asking it again??? Prove you are the 'good guys'....I need more info
Reply to this
I got the same letter today (6/2/2008) I do not work for UPS and I live in Miami. I have never had any accounts with this company either. Its pretty sad that it took them that long to report this to the people. The question that I have is, does Mellon not have to follow Sarbanes-Oxley requirements? Do they never get audited? How does and auditing firm not discover that backup tapes with sensitive customer data are being shipped off-site and are not encrypted. It is so sad that we are at the mercy of the banking industry to secure our personal info.
Reply to this
"Amen" on how sad the security issues have become in not only our banking industry but many others as well. I fail to understand how they can allow any information to leave a "supposedly secure" facility not encrypted.
But as I stated, my receiving this at the end of May - over 3-1/2 months after it happened - my first notification it did happen - is absolutely failure on the BNY Mellon's part (and / or) whoever they supposedly entrusted to get this to people in a timely manner. I wonder how many more have not yet received this??
Tom in Jupiter, Florida
Reply to this
The letter is REAL. I too googled the crap out of this and after correltaing all of the information I went ahead and input all of the info. When you get the letter make sure all of the info matches with the dates and info you get from your google search (you'll find articles published from newspapers and gov't agencies. I'm extremely skeptical of everything but this is legit. ALthough I should probably wait until a few weeks to say this as I just enrolled...lol
Reply to this
Are the folks in Nigeria now sending out snail mail letters instead of Emails? When do I get my $33,000,000.00? Tax free too?
Just what I need, a credit check so my wife can go bonkers with the card.
Reply to this
I just received my letter today (June 5, 20080 although it was dated May 21, 2008. "Snail Mail" is not that slow!
I have no idea why I received this notice. My last name begins with A, I never worked for UPS and I have not owned any Stocks for over 9 years. After reading the above comments I plan on doing nothing except notifying my Attorney General's office. Thank You
Reply to this
Today I received the notice of the breach. I dutifully followed the procedures to sign up for the credit monitoring, and upon reaching the end of procedure, I went to get a credit report. HELLO, the credit monitoring DOES NOT include me seeing or receiving this report. For a three company report these guys wan $35+ dollars. I can buy this service cheaper right off the internet. What is offered is something already available provided by the US of A. One free report per agency each year. So how does this work? I pull the reports today, then allow my accounts to be plundeded for one year. WOW what a deal.
This whole thing smacks of a scam.
LJ
Reply to this
>I went to get a credit report. HELLO,
>the credit monitoring DOES NOT include
>me seeing or receiving this report.
>For a three company report these guys
>wan $35+ dollars.
Get your free credit report from the 3 agencies at AnnualCreditReport.com I get one report every 4 months...
Reply to this
I received the letter from BNY Mellon Shareowner services. None of my 401k,IRA or stock accounts are with this company. I logged into the website and clicked on the Triple Alert icon. It takes you to the Experian website but if you look at the toolbar there is alot of garbage at the end which could be a snail site.
Reply to this
If it weren't for this site and some smart enough to check with their state attorney general's site one would not be able to check scam or no scam on this letter. This letter does not scratch the surface of their responsibility consumers. Now I'm trying to connect the dots of BNY to my stuff before I change everything.
Reply to this
Nancy, what are you trying to cancel? You are correct in saying that the letter does not scratch the surface of their responsibility to consumers. Most likely you have some stocks or investments where BNY Mellon is a transfer agent for another company. That was the case with me, I did not have any BNY (or Mellon) accounts, just that they had my private information as the transfer agent for corporate stock investments. I would sign up for the free monitoring, and I imagine you will find the same thing I did - the letter from BNY Mellon says 1 year free monitoring, but when you sign up, it will show as two years. This situation is far from being resolved.
Reply to this
Today I received the letter as well. I was concerned about a scam as well, so I found this site and read the concerns. Then I went to the BNY Mellon website (google it), and on their homepage, under "Press Releases" you will find a pdf dated May 30th that says the same thing as the letter. I'm not sure if I'll sign up or not, but at least I am more comfortable in the validity of the offer.
Just my $0.02...
Reply to this
Letter received today dated May 27th.
Why did I receive this? I found out.
On this page, the right hand column titled Category Archives contains the name of a former employer during 2007; hereby referred to as Gadzooks for my entertainment. A Google search for BNY Mellon and Gadzooks turned up a page at Gadzooks stating BNY provided tax and stock services to Gadzooks and still does.
This might help others research their ties to BNY...scan the list to the right.
Reply to this
I too received the "letter" today and was skeptical, but I went to the Connecticut Attorney General's website and found that it is true. There is a press release from May 30, 2008 that lists the companies that were most affected. For confirmation you can also use Google "News" and enter "BNY Mellon Security Breach". You will receive many hits from news organizations all over the country.
Reply to this
I have Disney stock (certificates in my posession) purchased 20 years ago when I lived in NY. Moved to AZ 2 years ago. Just got my letter dated 6/13/08 with my current address and zip code newly assigned about 6 months ago. None of this is from by 20 year old stock purchase.
Reply to this
My Disney stock was purchased 15+ years ago. When I received the letter I thought it was a scam so I called Disney Corporate, and all I did was mention a letter from BNY Mellon and the lady finished my sentence (they must get a thousand calls about it) BNY Mellon was closed by the time I got my mail so I went onto the Triple Alert website and signed up.
Reply to this
"...so I went onto the Triple Alert website and signed up."
Heather,
Let us know if a CREDIT REPAIR SERVICE (or other 3rd party) company contacts you soon. That is apparently what the "scam" is.
I think you are using the term "scam" too tightly as if it only applies to hackers and evil con-artists. It can also apply to a well-known company seeking to pull a organized "scam". Like selling your name and personal data to 3rd parties who will call you, mail, and email you (depending on what contact data you gave them).
There is NO proof other than media reports that the BNY incident even happened. How many times has the media misinformed us recently?
I think 'somebody' is collecting SSN's for some nefarious purpose and NO ONE including me can figure it out yet.
Reply to this
Heather
Has had too good an experience. I think she may be in on the scam. My letter is dated 9/4/2008 and my last name starts with "S". It said my state does not have the insurance. so what do I do if my identity is stolen? Who will pay and even if they steal my identity the damage will have been done and it will takes years to clean up. I would say that if this is real they are not doing enough for the ones that may suffer. Has any one tried to request reimbursement, for the freeze thing? If this is not a fraud then it is being handled very badly why have some been alerted as early as the forth month and some the 6th and 7th months and their names have the same or close to the same starting letter and then there is the 9th month more letters sent. Is it because they have not managed to get enough SS#'s?
The one that talks about the small claims court might have a good idea there. But it will cost to file and you have to have the documents, which take time. Then court appearances and then if you win, at least where I am from you have to find the people to serve the papers. Well it goes on and in my case I never got the money from a person that had limited car insurance.
Reply to this
I Received this letter 9/29/08 and my last name is D. Nobody Signed the letter or indicated who the company executives are, just " Investor care Team".. My questions: Is this a loss or THEFT. has a POLICE report been made. Is the Transport driver being investigated. Has homeland security been notified. The company should not dictate what type of actions they feel are fair the attorney general should. Speaking of which, for all our safety, the attorney general should step in and lets us know whats going on and this would add legitimacy to the situation
Reply to this
They hired one of the largest private detective firms (KROLL) to investigate it. My guess is that it is more damage control rather than finding out whodunnit' Homeland (n)Security? Are you kidding me? Go watch the movie "Harold & Kumar Escape from Guantanamo Bay" for your answer to that question... LOL
The lack of a published police report is what makes me suspicious that this never actually happened. Since it happened across state lines the FBI should be involved. But no one in law enforcement (except the CT AG) SEEMS to be involved here. Why is that???
Someone needs to interview the company in Manchester CT who is sending out these letters. it is MISSION CONTROL, LLC. Look them up and ask your own questions.
Reply to this
I think you are absolutely right. I've read through all of these postings and this letter is definitely suspicious. I think this is a scam to collect people's private information. The original incident may be true, but why would they still be sending out letters months later? I just received one on 10/5/08.
Reply to this
I am sure that there was some information lost last spring but when the store hit the news, it was an ivitation to some culprit to use our fear to gather personal information months later. I plan to protect my credit but not by using the "Triple Alert" offering.
Reply to this
Yes....That is just what I was thinking! Do I really want ot input all my info...seems like they should already have it in order to give the credit reports. We wondered if the letter was legit in the first place!
Reply to this
I received the letter today but I don't have anything with BNY Mellon Bank. Should I be concerned?
Reply to this
Yes, if you received the letter, you should sign-up. It is legitimate. Most likely you had some stocks, funds or something that Mellon is responsible for reporting (or perhaps you had some & they still have you in their database). BNK Mellon handles a lot of transactions "behind the scenes" for many companies. Your choice, but it's free for two years. (Don't get sucked in by other offers you might see in the three credit monitoring services during or after the sing-up process)........
Reply to this
Tom, Did you feel comfortable providing
the sensitive data requested? How can
we be certain by responding we are not in further jeopardy?
Reply to this
Dan, I checked several websites including BNY Mellon to be sure. I went a step further by contacting my financial advisor as the company I hav investments with showed an issue with BNY Mellon. I found out that they did, it did not concern my investments, but did relate to some other stock transactions they used BNY Mellon for. They verified to me that it was legitimate. With all this evidence that it was ok, I proceeded. Believe me, I know what you are wondering (I am very suspicious of anything that might "smell funny") too many scams out there for sure. Tom
Reply to this
I received the letter from LaSalle Bank since they hold some securities from a company stock purchase plan I was in. My concern was that even though the loss of the tapes seemed to be real event, the letter may have been generated by someone else trying to generate business as a result. I contacted LaSalle bank customer service via phone numbers other than what were in the letter. They verified the authenticity of the letter. Still not sure if I want to use the free credit monitoring or not. I does appear to be a legitimate offer though.
Reply to this
To clarify, Mellon is a "transfer agent".
If you have ever owned any stocks or bonds, they may have been the transfer agent for that company. They simply keep track of the securities in either book entry or certificate form.
I received the letter today. My guess is that some delivery service screwed up. There is obviously a danger the tapes could fall into the wrong hands and Mellon is offering the protection of this monitoring service to cover their butts. I was a stockbroker for 16 years, and believe me, the people working behind the scenes are not rocket scientists. That said, I don't believe all the conspiracy ideas being floated around here. My 2 cents.
Reply to this