A significant ransomware attack on one of California’s oldest and most prominent credit unions, Patelco, has compromised the sensitive personal information of over 700,000 individuals. The breach, which occurred at the end of June, exposed the names, dates of birth, Social Security numbers, and driver’s license numbers of 726,000 people, as confirmed by Patelco in recent disclosures to regulators.
The credit union reported the breach on its website and to attorneys general offices across several states, including Maine, California, Massachusetts, Vermont, and Texas. Patelco discovered the attack on June 29, but further investigation revealed that the hackers had been lurking within the credit union’s network since May 23.
While the full extent of the data accessed remains unclear, Patelco is proactively notifying everyone whose information was stored in the compromised databases. Those affected include both current and former members of the credit union, as well as employees. The investigation, which concluded on August 14, involved collaboration with law enforcement and external cybersecurity experts.
In response to the breach, Patelco is offering two years of free identity protection services to those impacted. Patelco’s president and CEO, Erin Mendez, issued an apology for the incident last week, assuring customers that a dedicated call center has been established to address their concerns.
The timing of the attack, just ahead of the July 4 holiday, led to widespread confusion among Patelco’s customers. Hundreds of members flooded social media platforms like Facebook, expressing frustration and bewilderment over conflicting information in the credit union’s emails and website statements. The disruption also affected customer access to their accounts, with reports of ATM withdrawal limits capped at $500 and intermittent outages affecting online banking.
In the wake of the breach, law firms have already begun reaching out to the public regarding potential litigation related to the incident. The ransomware attack was claimed two weeks ago by the RansomHub gang, a group notorious for previous attacks on high-profile targets such as auction house Christie’s, telecom giant Frontier, Rite Aid, and the city of Columbus, Ohio.
Credit unions like Patelco, which manages over $9 billion in assets, are frequently targeted by cybercriminals. Just last week, the Texas Dow Employees Credit Union alerted 500,474 customers about a data breach involving a popular file transfer tool that was exploited by hackers.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
