February 12, 2020
Community West recently experienced an increase in reports of fraudulent transactions similar to those occurring at financial institutions around the country. Our investigation revealed that much of the card fraud is likely due to a ‘BIN Attack.’ A ‘BIN’ or Bank Identification Number, is the first six digits of a debit card number which uniquely identifies that institution. The BIN can be used by fraudsters using computer programs to try to gain additional information; the remainder of a debit card number, expiration date, and CVV code (3 digit code on the back of card). They attempt a low dollar authorization (or a zero-dollar amount) to try and find a valid card number. If they can match a valid card number with the correct expiration date and CVV code, they can potentially make larger dollar amount purchases with that card.
Community West worked diligently to process disputes, freeze affected cards, and order replacement cards for members who were impacted. In response to the issue, we worked with our core processor and our card service processor to change the way new card numbers are assigned and to stop fraudulent charges from being authorized. These changes greatly limited or stopped the BIN Attack.
It is important to note that this type of fraud in no way compromises a member’s identity, nor is this issue a ‘data breach’ or card compromise of ANY kind. To help monitor your Community West Debit Card, Credit Card, and account activity, we strongly encourage you to register for our free tools; Debit Card Alerts, Credit Card Alerts, and eAlerts. All services are available through It’sMe247 online banking. If you need help registering for any of these services, please call, chat with a representative, or visit any branch.
Thank you for choosing Community West Credit Union, where you’re more than a member.