Finance & Banking , Incident & Breach Response , Industry Specific

Patelco Breach Affected 726,000 Customers and Employees

Ransomware-Wielding Attackers Had Access to Credit Union Database for Over a Month
Patelco Breach Affected 726,000 Customers and Employees
Patelco Credit Union is notifying current and former customers and employees that ransomware hackers stole their data. (Image: Shutterstock)

Hackers stole the data of more 700,000 current and former customers and employees of Patelco Credit Union in a monthlong ransomware attack detected in June, the California financial institution said.

See Also: Infographic: Financial Services Identity Security By the Numbers

The credit union discovered June 29 that hackers obtained access in late May to its database and stole personal information such as names, Social Security numbers, driver's license numbers and email addresses. The breach didn't equally affect all 726,000 individuals victimized by the attack, said the not-for-profit credit union, which serves Northern California, in notifications filed with the attorneys general of Maine, California, Massachusetts and Vermont.

Forensic investigators initially pegged the number of victims at about 450,000, which is the number of members the credit union says it currently has (see: On Day 4 of Ransomware Attack, Service Still Down at Patelco).

Patelco reacted to the attack discovery by shutting down some of its day-to-day banking systems, including its online banking, mobile app and call center services, to "contain and remediate" the incident. The credit union manages $9 billion in assets. Electronic transactions such as transfers, balance inquiries and payments were also unavailable, and debit and credit card transactions remained operational but in a limited capacity. The credit union has since restored most services.

The hackers on Aug. 16 posted to the RansomHub website what appears to be the stolen data. Patelco did not confirm the veracity of the data, whether RansomHub demanded an extortion payment or if it paid any ransom.

Linked to the now-defunct ransomware group Knight, RansomHub is a ransomware-as-a-service crime group connected to attacks on Rite Aid, Christie's and the Florida Department of Health.

*Update Aug. 28, 2024 10:21 UTC: This story has been updated to correct the breach count as being 726,000.


About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.