MOVEit Update

A recent global cybersecurity incident involving MOVEit, a popular filesharing software used by government agencies, enterprise corporations, major financial firms and other organizations, resulted in the potential exposure of sensitive information for any organization utilizing the software.

The security of customers’ personal information is our top priority. Once notified of the MOVEit vulnerability, Umpqua took immediate action to safeguard our systems and further protect customer data. We also initiated a thorough investigation to understand our potential exposure, as well as the exposure of our vendors.

While no unauthorized access to customer information occurred through Umpqua’s system, we learned on June 21 that a vulnerability in the system of one of our providers, a leading financial services technology provider supporting financial institutions across the globe, resulted in unauthorized access to the names and social security numbers or tax identification numbers of a segment of our customers.

We can confirm that no unauthorized access to bank account numbers or other financial information has occurred. 

Since the incident occurred in the system of our provider and not Umpqua’s system, we are working with them to identify and notify all involved customers.

Because the MOVEit vulnerability has been so widespread across government agencies and global enterprises, we strongly encourage customers to take proactive steps to protect their information.

Consider the following:

For Consumers
  • Closely monitor credit reports.
  • Obtain a free copy of your credit report, which you’re entitled to once every 12 months, from each of the three major credit reporting agencies: Experian, Equifax and TransUnion.
  • Place a fraud alert on your accounts by contacting one of the credit reporting agencies; a fraud alert at one of the agencies will automatically notify the other two. A fraud alert tells creditors to contact you before opening any new accounts or before making changes to existing accounts.
  • Freeze your credit at each of the three major credit reporting agencies. Agencies will require personal authorization before approving any credit application.
  • If you believe you are a victim of identity theft, immediately file a police report and notify the Federal Trade Commission via
  • Request to block electronic access to Social Security, which you can learn more about via

To connect with one or all three of the major credit reporting agencies, call or visit their websites:

Call the Social Security Administration’s toll-free number to block electronic access to your social security number:

For Businesses

Business identity theft is more complex and therefore not as common as personal identity theft, but it still happens frequently—and the results can be disastrous. Fraudsters attempt to use sensitive information about a business to do everything from applying for a loan and falsifying business filings to impersonating the business and even fraudulently pretending to be an employee.

Being resilient after sensitive information about your business has been accessed can help keep your business secure.

How to identify business identity theft related to tax administration

  • You receive IRS notices about fictitious employees.
  • You notice activity related to or receive IRS notices regarding a defunct, closed or dormant business after all account balances have been paid.
  • Your return is accepted as an amended return, but you (or your accountant) haven’t filed a return for that year.

If you think someone is using your business name or Employer Identification Number (EIN) to submit fraudulent tax returns or Forms W-2, you’ll want to let the IRS know right away. Businesses, trusts, estates and tax-exempt organizations can do this by filing a Business Identity Theft Affidavit, aka Form 14039-B on the IRS website.

Other indicators of possible business identity theft (not related to tax administration) include

  • You receive bills for business lines of credit or credit cards you do not have.
  • You notice that a credit report indicates credit or other open accounts you did not authorize.
  • You see unexplained bank account withdrawals.
  • You don’t get your bills or other mail.
  • You find unfamiliar accounts or charges on your credit report.

Immediate Protective actions if your business information has been compromised

  • If you believe someone fraudulently used your Employer Identification Number, notify the IRS immediately.
  • Contact your banker to add an alert or password on your business banking and merchant accounts.
  • Review the options available for your business online banking platform and, if the option is available, enable dual approval requiring two users to create a new user.
  • If you utilize ACH to pay payroll or vendors, add dual approval requiring one employee/owner to create the file and one employee/owner to approve the file.
  • Add additional levels of protection to your bank accounts including Positive Pay and ACH Positive Pay.
  • Place a fraud alert on your credit reports by contacting any one of the three nationwide credit reporting companies online or through their toll-free numbers. The bureau you contact must tell the other two. You may also request a credit freeze by contacting each of the three bureaus.

To connect with one or all three of the major credit reporting agencies, call or visit their websites: 

Ongoing Protective actions if your business information has been compromised 

  • Review your bank account(s) activity online as frequently as possible, ideally on a daily basis and report any unauthorized activity to your bank as soon as possible.  
  • Carefully review and reconcile account statements as soon as you receive them. 
  • Regularly review business registration information online (for all active and closed businesses). 
  • Keep your records with the Secretary of State up to date. 
  • Keep copies of official business records such as tax returns, quarterly filings and sales tax in a secure place. 
  • Review your business insurance policies to find out if your coverage does or can in the future cover fraudulent claims. 
  • Update antivirus, malware, and other security software programs on your computers. Use good cyber hygiene: change passwords periodically, do not reuse passwords across multiple applications, regularly backup your key data and create security awareness in your organization. 
  • Create due diligence processes in your organization such as calling the vendor at a known phone number to validate a request for payment or change in payment information before conducting a financial transaction that was requested via email. 
  • Remain vigilant and be alert for suspicious or unusual activity, including large charges or orders from someone claiming to represent your business. 

Business Identity Theft Can Happen to Anyone

Staying resilient helps stop fraudsters from using information about your business for their own gain. This includes detecting fraudulent activity early (by frequently reviewing your business records) and taking protective actions such as the items listed above.  

If you’d like to learn about banking solutions that can help secure your business against fraud, visit your local branch or give us a call at 866-486-7782.