Owing to a ransomware attack on a popular technology provider, about 60 credit unions are experiencing disruptions.
A spokesperson for the National Credit Union Administration (NCUA), Joseph Adamoli, stated that the ransomware attack was directed towards Ongoing Operations, a cloud services provider that is owned by Trellance, a credit union technology company.
Adamoli stated that incident reports were sent to the NCUA, the federal agency in charge of regulating credit unions, by multiple credit unions claiming that Ongoing Operations had sent a message stating that the company had been infected with ransomware on November 26.
“Upon discovery, we took immediate action to address and investigate the incident, which included engaging third-party specialists to assist with determining the nature and scope of the event. We also notified federal law enforcement,” Ongoing Operations told impacted credit unions.
“At this time, our investigation is currently ongoing, and we will continue to provide updates as necessary. Please know that at this time, we have no evidence of any misuse of information, and we are providing notice in an abundance of caution to ensure awareness of this event.”
Adamoli revealed that nearly sixty credit unions are currently facing some level of outage as a result of a ransomware assault at a third-party service provider.
"The NCUA is coordinating with affected credit unions." "Member deposits at affected federally insured credit unions are insured up to $250,000 by the National Credit Union Share Insurance Fund," he explained.
He went on to say that they had informed the US Department of Treasury, the Federal Bureau of Investigation, and the Cybersecurity and Infrastructure Security Agency about the incident. Trellance did not respond to requests for comment.
The attack is having a larger impact on other credit union technology providers, including FedComp, a company that provides data processing solutions to credit unions.
FedComp did not respond to requests for comment, but according to a notice on its website, "the FedComp Data Centre is experiencing technical difficulties and is experiencing a nationwide outage.”
Rise in attacks
In August, the NCUA issued a warning, citing a rise in cyberattacks targeting credit unions, credit union service organisations (CUSO), and other outside suppliers of financial services goods.
The cyberattack on the MOVEit file transfer software earlier this year impacted several credit unions, and over the last three years, dozens of organisations have reported data breaches to Maine regulators.
Jefferson Credit Union was added to the list of victims by the ransomware group RansomHouse in 2022, and Envision Credit Union disclosed a cyberattack involving the LockBit ransomware group last year.
In 2020, there was also an incident at Ardent Credit Union.
New regulations that mandate a federally insured credit union to report a cyberattack to the NCUA within 72 hours were approved by the NCUA in February. On September 1, the regulation went into force.