News & Events

Equifax Breach Report Information

Equifax, Inc. announced on September 7, 2017 a cybersecurity incident that could potentially impact as many as 143 million people nationwide, effecting approximately 44% of Americans.  This incident was from mid-May through July of this year.  Criminals exploited a U.S. website application vulnerability to gain access to names, Social Security numbers, birth dates, addresses, and some driver’s license numbers.

There are steps to take to help protect your information from being misused.  Visit Equifax’s website for more information regarding this breach,

Concerned about the Equifax breach?  See our FAQ’s below to learn more about the breach and how to protect yourself.

Frequently Asked Questions Regarding Equifax Breach

I’ve been hearing about the Equifax breach in the news. What happened?
Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for
about 209,000 people and dispute documents with personal identifying information for about 182,000 people.

Was my information stolen?
If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public wi-fi) when you submit sensitive data over the internet.

How can I protect myself?

  • Enroll in Equifax’s services.
    Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at
  • Monitor your credit reports.
    In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at You are entitled to one free report from each of the credit bureaus once per year.
  • Monitor your bank accounts.
    We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.
  • Watch out for scams related to the breach.
    Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.

Should I place a credit freeze on my files?
Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus.  A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account.

How do I contact the three major credit bureaus to place a freeze on my files?
Equifax: Call 800-349-9960 or visit its website.

Experian: Call 888-397-3742 or visit its website.

TransUnion: Call 888-909-8872 or visit its website.

Where can I get more information about the Equifax breach?
You can learn more directly from Equifax at You can also learn more by visiting the Federal Trade Commission’s web page on the breach at To learn more about how to protect yourself after a breach, visit


Potential Phishing Scams Related to Equifax Data Breach
Original release date: September 14, 2017

The Federal Trade Commission (FTC) has released an alert on scams related to the Equifax data breach. FTC warns consumers to be wary of calls or emails purporting to be from Equifax agents. Legitimate Equifax representatives will not contact consumers to ask for verification of their information.

US-CERT encourages consumers to report fraudulent calls and emails to the FTC Complaint Assistant and to refer to the FTC Alert and US-CERT Tips on Avoiding Social Engineering and Phishing Attacks and Preventing and Responding to Identity Theft for more information.



We have received notification of increased activity of a nationwide fraud scam involving malware screen takeover that is targeting token users.  Signs to watch for include customers who are experiencing difficulty logging in or closing sessions – particularly token users.  This particular malware variant will prompt a user to input account and/or token data, which then results in another screen prompt indicating that the user will be unable to access the account for 24-hours while maintenance is performed.   This allows the fraudster to take over the session and commit fraud while the user is detained on the fake “maintenance” screen.  Remember the bank will never ask you to input confidential information such as your SSN/TAX ID online. 

If you suspect fraudulent activity, please notify our electronic banking department immediately by calling 979-260-2119.



We have also received word of a cell phone text scam that is occurring in our area.  Customers are receiving a text to their cell phone saying their MasterCard has been locked, requesting they enter their card number to unlock the card for usage.  Please DO NOT send this information; this is a scam.

Phishing Text Messages

Beware of text messages that are being sent to consumers fraudulently claiming to be from your bank.  These text messages are coupled with a toll free number (for example: 844-326-3733) which the recipient is asked to call.  Return calls to the number have the victim enter card or account data which is “validated” by having it entered a second time.  The senders of the messages are conducting a text-phishing scam, attempting to trick recipients into providing sensitive financial information. 

As a reminder, banks will NEVER ask for personal information in a text message or an email.  If you receive a message like this, please delete and do not respond to it.



Always keep in mind that TB&T will never send email containing attachments, or require customers to send personal information to us via email or pop-up windows or ask you to re-enter login credentials multiple times.  Any unsolicited request for a Bank & Trust account information you receive through emails or Web sites should be considered fraudulent and reported to us immediately.