The timing of this implementation is in advance of the Federal Trade Commission scheduled date for enforcement of the June 1, 2010, deadline for creditors and financial institutions to develop and implement written identify theft prevention programs to detect, prevent and mitigate “red flags.” See 16 C.F.R. 681.2 and Appendix A to Part 681. A red flag is any activity that may indicate a possible attempt at identity theft related to an existing customer account or the opening of a new account.

Individuals requesting account information or access will be asked additional questions regarding information about a customer's account in order to verify his or her identity and right to access the information. For security reasons, the specific measures are confidential.

To the extent that callers are required to provide identifying information in order to access customer information, this may lengthen call time. In the event customers experience any delays, we appreciate and thank our customers for their patience.

The identity theft prevention measures are required of financial institutions and creditors servicing customer accounts involving multiple payments and transactions, including:

• Financial institutions (banks, credit unions)
• Finance companies
• Credit and debit cards issuers
• Mortgage brokers
• Telecommunications companies
• Utilities (water, gas, electric)

Northeast Utilities already has existing policies and procedures to mitigate foreseeable risks to customer and company information and to verify a caller’s identity. Northeast Utilities has a new customer service information system (C2) that enhances NU’s electric and natural gas companies’ abilities to implement these additional measures. The Program, effective November 1, 2008, builds additional safeguards into the policies and procedures that the Company already has in place to protect utility accounts.

Red Flags are those identity theft patterns or practices that the Company can identify, detect and prevent to protect customers and their utility accounts. Examples of red flags include someone trying to use an improper Social Security number to open or access an account, or a report from a fraud detection service or from a law enforcement agency advising the company to beware of a particular pattern of activity.

Beginning November 1, 2008, the utility companies of Northeast Utilities implemented additional identity theft prevention measures to help us to safeguard our customers' confidential account information and to ensure only authorized access.

The Program provides customers with the peace of mind that comes from knowing that the Company is taking appropriate measures to protect and prevent their utility accounts and information from unauthorized access.