NY CU Exposes Card Data

Inadvertent Exposure Revealed Cardholder Personal Info
NY CU Exposes Card Data

Bethpage Federal Credit Union, a New York-based institution with $4.5 billion in assets, says it inadvertently exposed debit details and some personal information about cardholders after a non-secure file was made accessible via its website.

See Also: Webinar | Passwords: Here Today, Gone Tomorrow? Be Careful What You Wish For.

In a June 12 statement posted to the credit union's website, Bethpage says it is not aware of any fraud that has resulted because of the breach, but if fraud does occur, no impacted members will be liable for any losses connected to the leak.

"We have learned that information about our members was electronically placed in a non-secure file that was accessible via the Internet," the institution says. "This was not a hack or breach of our core system but an isolated incident."

The exposed information includes debit card numbers, expiration dates and checking account numbers linked to debit cards; primary savings account numbers; as well as members' names, mailing addresses and dates of birth. The credit union says the file did not contain Social Security numbers, debit card security codes, used for card-not-present transactions, or PINs.

Bethpage did not respond to queries about the breach. But according to a local news report some 86,000 member accounts were suspected to have been affected. Bethpage serves just more than 196,000 members.

Once the data leak was discovered, Bethpage says it removed all access to the unsecured file and immediately enhanced security questions for member inquiries. "In addition, beyond the standard measures we take for fraud protection, we have placed additional fraud monitoring on all accounts and debit cards," the institution says.

Associate Editor Jeffrey Roman contributed to this report.


About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 20 years' experience, Kitten has covered the financial sector for the last 13 years. Before joining Information Security Media Group in 2010, where she now serves as director of global events content and executive editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.