Two significant U.S. credit unions, Patelco Credit Union and Texas Dow Employees Credit Union (TDECU), have just disclosed data breaches that exposed the personal information of over 1.2 million individuals. These breaches were the result of targeted cyberattacks by notorious ransomware groups, RansomHub and Cl0p, respectively.
Patelco Credit Union, one of the largest credit unions in California, serves more than 400,000 members with assets exceeding $9 billion. Similarly, TDECU, one of Texas's largest credit unions, boasts over 350,000 members and $4 billion in assets.
Patelco Credit Union breach
Patelco Credit Union, based in Dublin, California, was the first to report a breach. The attack, claimed by the RansomHub ransomware group earlier this month, was discovered last month, though the initial infiltration occurred on May 23, 2024. The breach escalated into a full-blown ransomware incident by June 29.
RansomHub's attack compromised the personal information of approximately 726,000 individuals, including their names, Social Security numbers, driver's license numbers, dates of birth, and email addresses. Despite Patelco's swift actions to contain the threat—enlisting law enforcement and cybersecurity experts—the damage was extensive. The credit union has since offered affected individuals two years of free identity protection services through Experian.
TDECU breach
Texas Dow Employees Credit Union (TDECU), headquartered in Lake Jackson, Texas, experienced a similar breach, this time by the Cl0p ransomware group. The hackers gained access to TDECU's systems on May 29, 2023, but the breach went undetected until July 30, 2024.
This attack exposed the personal data of 500,474 individuals. Unlike Patelco, TDECU's internal systems were not compromised; instead, the attackers exploited vulnerabilities in MOVEit, a third-party software used by the credit union. In response to the situation, TDECU is offering identity protection services to the affected members for 12 months.
Affected individuals are strongly encouraged to take advantage of the identity protection services offered by the credit unions. Furthermore, they should remain vigilant by regularly monitoring their financial statements and credit reports for any signs of fraudulent activity. Enhanced precautions, such as placing fraud alerts or security freezes on credit files, can provide additional layers of protection against potential misuse of personal information.
Unfortunately, the stolen information has already been made available for download on the threat actors' extortion websites on the dark web, so they are freely accessible by the wider cybercrime community.
Leave a Reply