September 24, 2021: Privacy Breach/Operational Incident Comprehensive Job Aid

Batches of notification letters regarding two separate Fairway Operational Incidents – LogicGate Privacy Breach and Email Phishing Privacy Breach – continue to be mailed to impacted customers.  


If notification letters are returned by the Postal Service as undeliverable because of an incorrect or invalid mailing address, Fairway will send customers an email of explanation and include a pdf attachment of the original notification letter.


This comprehensive job aid contains the following information:

  1. Incident response recap
  2. Updated process of contacting customers by email when letters are returned as undeliverable by the Postal Service
  3. Verbiage contained in each customer notification email (resulting from returned mail)
  4. Contact Center call handling procedures
  5. Verbiage contained in each customer notification letter (pdf attachments to this email distribution)


Incident Response Recap:

  • Fairway is offering five (5) years of credit monitoring service through Experian IdentityWorks
  • Customers must enroll in IdentityWorks using the unique code and by the date specified in the letter individually prepared for each customer
  • Customers are directed to call the Interim Servicing Call Center (800-201-7544) with questions regarding the letter
  • Interim Servicing will contact the Fairway Privacy Response Team, who will return calls to impacted customers to provide specific details and assist customers in enrolling in the Experian IdentityWorks credit monitoring (see procedures below)


Process when Letters are Returned as Undeliverable by the Postal Service:

If Fairway has an invalid mailing address on file and these letters are returned as undeliverable, we will send customers an email notification explaining what occurred.  The email will include a pdf attachment of a copy of the letter originally mailed. 


Depending on the duration of time elapsed, Fairway may redraft the letter to provide a new credit monitoring offer with a revised expiration date (allowing the customer additional time to opt into the credit monitoring service). 


  • Reference the pdf files attached to this email to view the verbiage contained in the notification letters


Important note:  

The expiration date to enroll in the complimentary credit monitoring offered through Experian’s IdentityWorks® has been updated to December 31, 2021 for the recent batches of notification letters.  


Prior versions of this letter accurately contained an expiration date of September 30, 2021 or October 31, 2021.  


  • Scroll down to view the verbiage contained in the two customer email notifications resulting from returned mail sent on September 24, 2021


  • Scroll past the customer email notification verbiage to view Contact Center Call Handling Procedures


LogicGate Incident - Customer email notification verbiage


Dear Customer Name,


On April 7, 2021, we were notified by one of our third-party service providers, LogicGate, that it had been the victim of a security incident. LogicGate is a top risk management software vendor that helps thousands of companies manage risk and maintain compliance.  Through this compromise, the bad actor was able to find and decrypt certain files stored in LogicGate’s Risk Cloud backup environment, including some of Fairway’s files.  Unfortunately, your private information may have been impacted in this incident.


In accordance with the applicable state laws, we’ve attempted to notify you via the United States Postal Service.  However, your notification letters were returned to us as undeliverable.  Consequently, we decided to try providing you the notification via email.  The attachment to this message is an electronic version of the notification letter which provides further detail about the incident, and an offer of Identity Theft Protection at no cost to you.  The notification letter also contains information about how you can further protect your identity.


We recognize that opening an attachment to an unexpected email entails some risk to you.  So, we encourage you to verify that this is a legitimate message by contacting Fairway Independent Mortgage Customer Service at (800) 201-7544, available from 8:30 am to 5:00 pm CDT, Monday – Friday. 


Ted Layne

SVP IT Shared Services/CSO

Fairway Independent Mortgage Corporation

4201 Marsh Lane

Carrollton, TX 75007

tedl@fairwaymc.com

Phone (469) 209-7539

Fax (866) 633-7069



Email Phishing Incident - Customer email notification verbiage:


Dear Customer Name,


Throughout 2020 and into 2021, Fairway was under constant attack by unknown parties.  The goal of these attacks was to compromise Fairway employee email accounts and steal borrower information.


While a very large majority of these attacks were successfully repelled, some accounts were compromised, and personal information may have been impacted.  Some of your personal information was accessed from attachments in the compromised email accounts.


In accordance with the applicable state laws, we’ve attempted to notify you via the United States Postal Service.  However, your notification letters were returned to us as undeliverable.  Consequently, we decided to try providing you the notification via email.  


The attachment to this message is an electronic version of the notification letter which provides further detail about the incident, and an offer of Identity Theft Protection at no cost to you.  The notification letter also contains information about how you can further protect your identity.


We recognize that opening an attachment to an unexpected email entails some risk to you.  So, we encourage you to verify that this is a legitimate message by contacting Fairway Independent Mortgage Customer Service at (800) 201-7544, available from 8:30 am to 5:00 pm CDT, Monday – Friday. 


Ted Layne

SVP IT Shared Services/CSO

Fairway Independent Mortgage Corporation

4201 Marsh Lane

Carrollton, TX 75007

tedl@fairwaymc.com

Phone (469) 209-7539

Fax (866) 633-7069




Contact Center Call Handling Procedure


LogicGate Privacy Breach Operational Incident:

On April 7, 2021, LogicGate, a third-party vendor providing risk management software, notified Fairway of a data security incident.  While LogicGate’s systems were breached – resulting in unauthorized access to personally identifiable information for some of Fairway’s customers – it is important to note Fairway’s internal systems were not compromised in this incident.


Compromised customer information in this incident may include any or all of the following:

  • First and last names
  • Social security numbers
  • Current addresses


Email Phishing Privacy Breach Operational Incident:

In August 2020, email accounts of four Fairway employees were compromised by an unknown third party, resulting in unauthorized access of personally identifying information for approximately 5,900 customers.


Compromised customer information in this incident may include any or all of the following: 

  • First and last names
  • Social security numbers
  • Date of birth
  • Current address
  • Bank account information
  • Credit card account numbers


Notification letters continue to be mailed to impacted customers for each operational incident advising what occurred, what information may have been compromised, and what Fairway is doing to assist.  


Fairway is offering a complimentary five-year membership to Experian’s IdentityWorks service to each impacted customer.  

  • Letters provide details of this monitoring service and how customers enroll


  • Customers must contact Experian’s IdentityWorks directly, prior to the offer expiration date, to sign up for this credit monitoring service


Call Handling Tips:  Goals for Customer Experience team members to achieve during these calls:

  • Listen, express empathy and de-escalate upset customers
  • Reassure customers letters received are legitimate communication outreaches from Fairway
  • Inform customers of the five years of complimentary credit monitoring Fairway is offering through Experian’s IdentityWorks service
  • Obtain valid contact information and the best time of day for Fairway’s Privacy Response team to return calls to customers requesting specific details and/or assistance enrolling in the IdentityWorks service


Call Scripting: 

Shown below is a script to use when speaking with customers impacted by this operational incident:


“The letter you received is a legitimate and valid communication from Fairway Independent Mortgage Corporation.  We are informing you of an operational incident impacting your personally identifiable information.  


We recognize this situation can be concerning and are offering important safeguards to provide you with key protections and important information you need.  


We sincerely apologize for any frustration or inconvenience this matter has caused. 


Fairway is offering you an option to sign up for five years of complimentary credit monitoring – paid for by Fairway – through a service called IdentityWorks offered through Experian.  The letter you received provides you the web address to enroll in Experian IdentityWorks and a unique activation code assigned specifically to you.  


Please review the information contained in this letter regarding details of the program, and you must enroll in IdentityWorks by the date referenced on your letter using the activation code provided.


Fairway has a dedicated Privacy Response Team consisting of subject matter experts available to answer detailed questions you may have regarding this matter.  They are also available to assist you with enrollment in the Experian IdentityWorks credit monitoring program.


Would you like for me to request an expert from our Privacy Response Team to call you?”


If Yes:  

“Great.  Please provide me your contact phone number and the best time for our Privacy Response Team to return your call.”


[Obtain information from customer and repeat information back to customer to confirm accuracy]


“Thank you for providing this information.  I am forwarding this request to the Privacy Response Team now, and you will receive a return phone call within the next 24 hours.  


Please be advised that most of Fairway’s employees are working remotely at this time, and the caller identification on the returned call from our Privacy Response Team may not display the name of Fairway Independent Mortgage Corporation.


If they reach your voicemail, they will provide their name and a direct phone number for you to call them back.”


If No:  

“Ok, and thank you.  Please thoroughly read through the letter you received – if you have not already done so – as there are phone numbers and websites for additional resources you may find beneficial.  


Fairway is committed to providing you the best assistance during this time, and please do not hesitate to call us back if you would like a Privacy Response Team specialist to further assist you.”


[Complete the call using established call flow procedures]


Procedure to Request a Customer Call Back from Fairway’s Privacy Response Team:  

Fairway’s Privacy Response Team will return calls and speak with customers who have specific questions, request more details, or need assistance enrolling in the Experian IdentityWorks credit monitoring program.  


Customers will receive a return call within 24 hours.  Follow the applicable procedure listed below for requests received in the Call Centers and requests received in Servicing911:


Call Center, Customer Emails, and Online Chats through FairwayNEXT:

Obtain the following pieces of information:

  • Customer's name
  • Loan number
  • Preferred call back phone number
  • Preferred best time for the Privacy Response Team to return the call

Email this information to:  Your Manager and Your Supervisor

  • Subject line: "Privacy Breach Callback - Loan Number _________"
  • Body of email: Include customer contact information obtained for the callback
  • Send email and inform customer they will receive a call back within 24 hours
  • Document in the Memos/Notes the inquiry and that a callback was requested


Servicing911:  

Reassign all tickets relating to this Fairway Privacy Breach to Your Team Lead.

  • Your Team Lead will log and track detail on each loan and request a return call from the Privacy Response Team to the customer/loan officer
  • The Privacy Response Team will inform loan officers when requested customer callbacks are complete

This information has been updated in KnowledgeOwl for Interim and Servicing911 in the Fairway Privacy Incidents section. 


Please contact your supervisor or manager if you have any questions.