Employment
Home » Carruth Data Breach

Carruth Data Breach

Carruth Compliance Consulting (Carruth) is the third-party administrator that handles 403(b)/457 retirement savings plans for many Oregon school districts, including McMinnville School District. Carruth recently discovered suspicious activity on their computer systems. An investigation revealed that unauthorized access to Carruth’s network occurred in late December 2024, resulting in the compromise of sensitive employee data for Carruth’s clients, including MSD.

Carruth Notice of Data Security Event

Frequently Asked Questions

  • What Should I Do?

    • Enroll in Credit Monitoring and Identity Restoration Services: Carruth is offering free credit monitoring and identity restoration services through IDX. To enroll, please call IDX at (877) 720-7895.
    • Monitor Your Accounts: Regularly review your bank accounts, credit card statements, and other financial accounts for any suspicious activity. If you see anything unusual, report it to your financial institution immediately.
    • Check Your Credit Reports: You are entitled to one free credit report annually from each of the three major credit reporting bureaus (Equifax, Experian, and TransUnion). Visit www.annualcreditreport.com or call 1-877-322-8228 to order your free reports.
    • Consider Placing a Fraud Alert or Credit Freeze on your Credit Report: You can place a fraud alert or credit freeze on your credit report to help protect yourself from identity theft. See details below.
    • Report Any Suspicious Activity: If you suspect you are a victim of identity theft, report it to the Federal Trade Commission (FTC) at www.identitytheft.gov or 1-877-ID-THEFT (1-877-438-4338). You should also file a police report.
    • Secure Your Accounts: Make sure you have strong and and secure passwords for all financial accounts. We also recommend utilizing multi-factor authentication or other security measures offered by your institution(s).

  • Were MSD Systems Part of the Breach?

    No, MSD systems were not compromised.  The breached information in this event was information held by Carruth systems.

  • Is this Connected to my Oregon PERS, IAP or OEBB accounts?

    No, this breach was only with Carruth and does not have any connection to your PERS, IAP or OEBB accounts.

  • Who is Impacted?

    This data breach potentially impacts anyone employed by MSD between 2008 and today who registered for 403(b) or 457(b) retirement plans. To be on the safe side, we encourage everyone to take the steps listed below.

  • What Information was Compromised?

    The compromised information at Carruth may include employees’ name, Social Security number, and financial account information. In some cases, it could also include driver’s license number, and for those who may have applied for a hardship loan it could include W-2 information, medical billing information (but not medical records), and tax filings. It may also include information from third-party organizations with which Carruth completed transactions on behalf of account holders.

  • What is MSD Doing?

    • We are working with Carruth to understand the full scope of the breach and to ensure they are taking appropriate steps to mitigate the impact on our employees.
    • We are providing this FAQ and will continue to update it with the latest information as it becomes available.

  • How to Place a Fraud Alert and Credit Freeze

    • Fraud Alert: A fraud alert notifies creditors to verify your identity before issuing new credit. You can place an initial fraud alert (lasting one year) or an extended fraud alert (lasting seven years) if you are already a victim of identity theft.
    • Credit Freeze: A credit freeze prevents credit bureaus from releasing your credit report without your explicit consent. This makes it harder for identity thieves to open accounts in your name.

  • How to Contact the Three Major Credit Reporting Bureaus

  • Additional Resources

Web Accessibility | Website Login
Copyright © 2025 McMinnville School District. All rights reserved.
Website Design and Maintenance by Abide Web Design