Patelco Credit Union alerts potential victims that it fell prey to a data breach, with sensitive information stolen during a RansomHub ransomware attack earlier this year.
Although the group refrained from naming the attackers, the RansomHub collective took credit for the cyberattack on August 15, 2024, by posting the entirety of the stolen data on their extortion platform.
Patelco Credit Union, a US-based not-for-profit institution, offers a range of financial services, including checking and savings accounts, loans, credit cards, insurance products, and investment opportunities, with assets surpassing $9 billion.
In June 2024, a major corporation made the decisive move to shut down all customer-facing banking channels on June 29, thereby minimizing potential harm and safeguarding customers’ sensitive information.
The system outage persisted for approximately
At the time of disclosure, Patelco’s initial assessment indicated no confirmation of compromised information due to the assault; nevertheless, subsequent investigation uncovered evidence suggesting unauthorized access to customer data by malicious actors.
“The investigation uncovered that an unauthorized entity breached our community’s security on May 23, 2024, ultimately gaining access to our databases on June 29, 2024.”
“After conducting a thorough investigation and carefully re-examining the relevant data, we concluded that as of August 14, 2024, your personal details were found to be compromised in the accessed databases.”
The information revealed to cybercriminals proves diverse in nature, depending on the individual case, and thus necessitates embracing a multifaceted approach.
- Full title
- Social Safety quantity (SSN)
- Driver’s license quantity
- Date of beginning
- E mail tackle
According to RansomHub’s extortion portal on the darknet, cybercriminals claimed to have been unsuccessful in reaching a settlement with Patelco following two weeks of purported negotiations.
According to records on Maine’s Attorney General Office website, the incident affects Patelco members.
Notices to affected individuals will provide guidance on signing up for a complimentary two-year subscription to Experian’s identity protection and credit monitoring services, ensuring their digital security and financial well-being. The enrolment deadline was scheduled for November 19, 2024.
To further emphasize the importance of online security, Patelco has prominently displayed a warning banner on its website’s homepage, explicitly stating that its employees will never initiate contact to request sensitive information, including card details, PINs, expiration dates, and CVV codes.
The likelihood of being targeted by phishing, social engineering, or scams increases significantly for individuals without adequate protection, who are strongly advised to remain vigilant against uninvited communications and suspicious attempts.
