Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Credit Union. Show all posts
Phishing Scams
Credit Union Customer Data Customer Data Exposed Cyber Attacks cybercriminals Data Leak data security Hacker attack Personal Data Phishing Scams

Blackpool Credit Union Cyberattack Exposes Customer Data in Cork

 

A Cork-based credit union has issued a warning to its customers after a recent cyberattack exposed sensitive personal information. Blackpool Credit Union confirmed that the breach occurred late last month and subsequently notified members through a formal letter. Investigators determined that hackers may have gained access to personal records, including names, contact information, residential addresses, dates of birth, and account details. While there is no evidence that any funds were stolen or PIN numbers compromised, concerns remain that the stolen data could be misused. 

The investigation raised the possibility that cybercriminals may publish the stolen records on underground marketplaces such as the dark web. This type of exposure increases the risk of identity theft or secondary scams, particularly phishing attacks in which fraudsters impersonate trusted organizations to steal additional details from unsuspecting victims. Customers were urged to remain vigilant and to treat any unsolicited communication requesting personal or financial information with caution. 

The Central Bank of Ireland has been briefed on the situation and is monitoring developments. It has advised any members with concerns to reach out directly to Blackpool Credit Union through its official phone line. Meanwhile, a spokesperson for the credit union assured the public that services remain operational and that members can continue to access assistance in person, by phone, or through email. The organization emphasized that safeguarding customer data remains a priority and expressed regret over the incident. Impacted individuals will be contacted directly for follow-up support. 

The Irish League of Credit Unions reinforced the importance of caution, noting that legitimate credit unions will never ask members to verify accounts through text messages or unsolicited communications. Fraudsters often exploit publicly available details to appear convincing, setting up sophisticated websites and emails to lure individuals into disclosing confidential information. Customers were reminded to independently verify the authenticity of any suspicious outreach and to rely on official registers when dealing with financial services.  

Experts warn that people who have already fallen victim to scams are more likely to be targeted again. Attackers often pressure individuals into making hasty decisions, using the sense of urgency to trick them into disclosing sensitive information or transferring money. Customers were encouraged to take their time before responding to unexpected requests and to trust their instincts if something feels unusual or out of place.

The Central Bank reiterated its awareness of the breach and confirmed that it is in direct communication with Blackpool Credit Union regarding the response measures. Members seeking clarification were again directed to the credit union’s official helpline for assistance.
Read more »
Personal Data Breach
Bank Data Leak Credit Union Customer Data Cyberattacks Data Breach Data Leak Data protection data security financial attack Personal Data Breach

Connex Credit Union Confirms Data Breach Impacting 172,000 Customers

 

Connex Credit Union, headquartered in North Haven, Connecticut, recently revealed that a data breach may have affected around 172,000 of its members. The compromised data includes names, account numbers, debit card information, Social Security numbers, and government identification used for account openings. The credit union emphasized that there is no indication that customer accounts or funds were accessed during the incident. 

The breach was identified after Connex noticed unusual activity in its digital systems on June 3, prompting an internal investigation. The review indicated that certain files could have been accessed or copied without permission on June 2 and 3. By late July, the credit union had determined which members were potentially affected. To inform customers and prevent fraud, Connex posted a notice on its website warning that scammers might attempt to impersonate the credit union through calls or messages. 

The advisory stressed that Connex would never request PINs, account numbers, or passwords over the phone. To support affected individuals, the credit union set up a toll-free call center and is offering a year of free credit monitoring and identity theft protection through TransUnion’s CyberScout service. Connex also reported the breach to federal authorities, including the National Credit Union Administration, and committed to cooperating fully with law enforcement to hold the attackers accountable. 

This breach is part of a broader trend of cyberattacks on financial institutions. Earlier in 2025, Western Alliance Bank in Phoenix reported a cyber incident that potentially exposed 22,000 customers’ information due to vulnerabilities in third-party file transfer software, which remained undetected for over three months. Regulatory agencies have also been targeted; in April, attackers accessed emails from the Office of the Comptroller of the Currency containing sensitive financial information, prompting banks such as JPMorgan Chase and Bank of America to temporarily halt electronic data sharing. Other credit unions have faced similar incidents. 

In 2024, TDECU in Lake Jackson, Texas, learned it had been affected by a MoveIt cybersecurity breach over a year after it occurred. One of the largest bank breaches in recent memory took place in July 2019, when Capital One was hacked by a former Amazon Web Services employee, compromising data of 106 million individuals. The company faced an $80 million penalty to the OCC and a $190 million class-action settlement, while the hacker was convicted in 2022 for wire fraud and unauthorized access. 

As cyberattacks become more sophisticated, this incident underscores the importance of vigilance, strong cybersecurity practices, and proactive protection measures for customers and financial institutions alike.
Read more »
United States
Cloud Service Firm Credit Union Cyber Attacks IT Provider United States

Dozens of Credit Unions Experiencing Disruptions Due to Ransomware Attack on Popular Tech Provider

 

Owing to a ransomware attack on a popular technology provider, about 60 credit unions are experiencing disruptions. 

A spokesperson for the National Credit Union Administration (NCUA), Joseph Adamoli, stated that the ransomware attack was directed towards Ongoing Operations, a cloud services provider that is owned by Trellance, a credit union technology company. 

Adamoli stated that incident reports were sent to the NCUA, the federal agency in charge of regulating credit unions, by multiple credit unions claiming that Ongoing Operations had sent a message stating that the company had been infected with ransomware on November 26. 

“Upon discovery, we took immediate action to address and investigate the incident, which included engaging third-party specialists to assist with determining the nature and scope of the event. We also notified federal law enforcement,” Ongoing Operations told impacted credit unions. 

“At this time, our investigation is currently ongoing, and we will continue to provide updates as necessary. Please know that at this time, we have no evidence of any misuse of information, and we are providing notice in an abundance of caution to ensure awareness of this event.” 

Adamoli revealed that nearly sixty credit unions are currently facing some level of outage as a result of a ransomware assault at a third-party service provider. 

"The NCUA is coordinating with affected credit unions." "Member deposits at affected federally insured credit unions are insured up to $250,000 by the National Credit Union Share Insurance Fund," he explained.

He went on to say that they had informed the US Department of Treasury, the Federal Bureau of Investigation, and the Cybersecurity and Infrastructure Security Agency about the incident. Trellance did not respond to requests for comment. 

The attack is having a larger impact on other credit union technology providers, including FedComp, a company that provides data processing solutions to credit unions. 

FedComp did not respond to requests for comment, but according to a notice on its website, "the FedComp Data Centre is experiencing technical difficulties and is experiencing a nationwide outage.” 

Rise in attacks 

In August, the NCUA issued a warning, citing a rise in cyberattacks targeting credit unions, credit union service organisations (CUSO), and other outside suppliers of financial services goods. 

The cyberattack on the MOVEit file transfer software earlier this year impacted several credit unions, and over the last three years, dozens of organisations have reported data breaches to Maine regulators.

Jefferson Credit Union was added to the list of victims by the ransomware group RansomHouse in 2022, and Envision Credit Union disclosed a cyberattack involving the LockBit ransomware group last year. 

In 2020, there was also an incident at Ardent Credit Union. New regulations that mandate a federally insured credit union to report a cyberattack to the NCUA within 72 hours were approved by the NCUA in February. On September 1, the regulation went into force.
Read more »
Subscribe to: Posts (Atom)