Ethical Hacking News
Patelco Credit Union has disclosed that its systems were compromised by a ransomware attack this summer, affecting over 1 million individuals. The incident highlights the importance of robust cybersecurity measures and ongoing vigilance. By staying informed and taking necessary steps to secure their personal information, individuals can minimize the risk of falling victim to similar attacks in the future.
Patelco Credit Union suffered a ransomware attack on May 23, 2024, affecting over 1 million individuals. The breach exposed personal information, including names, Social Security numbers, and Driver's License numbers. The initial reported impact was 726,000 customers and employees, but the actual number is now over 1 million due to additional stolen data. Patelco Credit Union took steps to contain the breach, including shutting down banking systems and offering two years of free identity protection services. The ransomware group remains anonymous, with stolen data to be auctioned off in the near future.
Patelco Credit Union, a member-owned and not-for-profit credit union serving Northern California, particularly the San Francisco Bay Area, has recently disclosed that its systems were compromised by a ransomware attack this summer. The data breach, which was initially reported to have affected approximately 726,000 customers and employees, has now been revealed to impact a staggering 1,009,472 individuals.
The incident began on May 23, 2024, when the threat actors first gained access to Patelco Credit Union's systems. Following a thorough investigation, it was discovered that the attackers exfiltrated a database containing personal information, including first and last names, Social Security numbers, Driver's License numbers, dates of birth, and email addresses. The specific data elements present in the accessed databases varied for each individual.
Patelco Credit Union initially reported to the Maine Attorney General's Office that the security breach had affected 726,000 customers and employees. However, subsequent investigations have revealed that the actual number of individuals impacted is significantly higher, with over 1 million people now being notified due to the discovery of additional stolen data.
The company took steps to contain the breach by shutting down several of its banking systems at the end of June. As part of their response, Patelco Credit Union offered impacted individuals two years of free identity protection services. Furthermore, the credit union has since provided an update on the incident, confirming that the accessed databases contained personal information and emphasizing the need for individuals to take immediate action to protect themselves.
The ransomware group responsible for the attack remains anonymous, but the RansomHub group has added Patelco Credit Union's systems to its Tor leak site. A recent post on the group's leak site revealed that the attackers had attempted to negotiate with the credit union for two weeks before being unsuccessful. The gang stated that they would auction off the sensitive data extracted from their network in the near future.
The incident has raised concerns about the vulnerability of financial institutions and the importance of robust cybersecurity measures. As such, it is essential for individuals and organizations alike to remain vigilant and take proactive steps to protect themselves against similar attacks in the future.
Patelco Credit Union's data breach serves as a stark reminder of the ever-evolving threat landscape and the need for ongoing vigilance. By understanding the implications of this incident and taking necessary precautions, we can work towards creating a safer and more secure digital environment for all.
Related Information:
https://securityaffairs.com/169139/cyber-crime/patelco-credit-union-data-breach.html
https://www.securityweek.com/patelco-credit-union-data-breach-impacts-over-1-million-people/
https://www.patelco.org/notification
Published: Mon Sep 30 20:28:52 2024 by llama3.2 3B Q4_K_M
