Deschutes Public Library Data Security Incident Notice

RecordIndicator000673 #MqCD]@Q?a+

GC&uVB%Rp+V a!!a!!!!a!!!a!a!Deschutes Public Library District0000673

USBFS3105

6_0000673ĀúåÒ÷ªÒâõÏÏÌ«

ĀºÏÝÔ¡Ë¥¿ýÙ³ÏêÝÜðÖ Āº¡å¬µ»ùãƼä·Üèñè« ÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁÁ

March 25, 2026

Re: Notice of Data Security Incident Dear : The Deschutes Public Library (“the Library”) is writing to inform you of a recent data security incident that involved your personal information. We take the privacy and security of all information within our possession very seriously. Please read this letter carefully, as it contains important information regarding the incident and resources you can utilize to protect your information, including instructions for enrolling in complimentary credit monitoring and identity theft protection services. Under Massachusetts law, you have the right to obtain any police report filed in regard to this incident. If you are the victim of identity theft, you also have the right to file a police report and obtain a copy of it. Massachusetts law also allows consumers to place a security freeze on their credit reports. A security freeze prohibits a consumer reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit, mortgages, employment, housing or other services. To place a security freeze on your credit report, you must send a written request to each of the three major consumer reporting agencies:

• Equifax: P.O. Box 105788, Atlanta, GA 30348, 1-800-525-6285, www.equifax.com
• Experian: P.O. Box 9554, Allen, TX 75013, 1-888-397-3742, www.experian.com
• TransUnion: P.O. Box 160, Woodlyn, PA 19094, 1-800-916-8800, www.freeze.transunion.com In order to request a security freeze, you will need to provide the following information:

1. Full name and any suffixes;
2. Social Security Number;

3. Date of birth;
   c/o CyberscoutRenton, WA 98057555 Monster Rd SW

4. If you have moved in the past five years, the addresses where you have lived over the prior
   five years;

5. Proof of current address, such as a current utility bill or telephone bill;

6. A legible photocopy of a government issued identification card (state driver’s license or ID
   card, military identification, etc.);

7. If you are a victim of identity theft, include a copy of either the police report, investigative
   report, or complaint to a law enforcement agency concerning identity theft; The consumer reporting agencies have three business days after receiving your request to place a security freeze on your credit report. The credit bureaus must also send written confirmation to you within five business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze. To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a request to the consumer reporting agencies and include proper identification (name, address, and Social Security Number) and the PIN or password provided to you when you placed the security freeze, as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The consumer reporting agencies have three business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time. To remove the security freeze, you must send a request to each of the three consumer reporting agencies and include proper identification (name, address, and Social Security Number) and the PIN or password provided to you when you placed the security freeze. The consumer reporting agencies have three business days after receiving your request to remove the security freeze. No fee is required to be paid to any of the consumer reporting agencies to place, lift or remove a security freeze. In order to determine whether any unauthorized credit was obtained with your information, you may obtain a copy of your credit report at www.annualcreditreport.com or 1-877-322-8228. You may also request information on how to place a fraud alert by contacting any of the above consumer reporting agencies. A fraud alert is intended to alert you if someone attempts to obtain credit in your name without your consent. It is recommended that you remain vigilant for any incidents of fraud or identity theft by reviewing credit card account statements and your credit report for unauthorized activity. You may also contact the Federal Trade Commission (FTC) to learn more about how to prevent identity theft: FTC, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, D.C. 20580, www.ftc.gov/bcp/edu/microsites/idtheft/, 1-877-IDTHEFT (438-4338). Additionally, we are offering you the opportunity to enroll in complimentary credit monitoring and identity theft protection services, including a $1,000,000 identity theft insurance policy, at no charge to you. These services provide you with alerts for twenty-four (24) months from the date of enrollment when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. Finally, we are providing you with proactive fraud assistance to help with any questions that you might have or in event that you become a victim of fraud. These services are provided through Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.

/EqCCd'S3m+ sC(u{X!VjBkV a!!aa!!!a!!!a!a! 0000673To enroll in the credit monitoring and identity theft protection services at no charge to you, please

log on to https://bfs.cyberscout.com/activate and follow the instructions provided. When prompted please provide the following unique code to receive services: . In order for you to receive the services described above, you must enroll within 90 days from the date of this letter. The enrollment requires an internet connection and e-mail account and may not be available to minors under the age of 18 years of age. Please note that when signing up for monitoring services, you may be asked to verify personal information for your own protection to confirm your identity. We take your trust in us and this matter very seriously. The security and privacy of our data is among our highest priorities. Please accept our apologies for any concern or inconvenience this may cause you.

For More Information: Further information about how to protect your personal information appears on the following page. If you have questions or need assistance, please call Transunion at 1-800-405-6108 from 5:00 a.m. to 5:00 p.m. Pacific Time, Monday through Friday (excluding holidays). Transunion representatives are fully versed on this incident and can help answer questions you may have regarding the protection of your information.

Sincerely, Deschutes Public Library 61956 SE Santorini St Bend, OR 97702