Patelco Credit Union, a member-owned, not-for-profit financial institution based in Northern California, has confirmed a significant data breach. The incident has impacted 726,000 individuals following a ransomware attack by the RansomHub group, compromising sensitive customer information. The information stolen during the breach includes a range of sensitive data such as full names, Social Security numbers, driver’s licence numbers, dates of birth, and email addresses.
Patelco first detected the data breach on 29th June 2024, when the credit union identified unauthorised access to its databases. The cyberattack began on 23rd May 2024, allowing the hackers to infiltrate Patelco’s systems and steal a large amount of personal data. The breach necessitated the shutdown of customer-facing banking systems for nearly two weeks as Patelco worked to contain the damage and restore functionality.
Additional details such as postal addresses, phone numbers, gender, passwords, and credit ratings were also exposed in some cases. This broad scope of compromised information poses significant risks to the affected individuals.
Patelco Credit Union attack claimed by RansomHub
The RansomHub ransomware group, known for targeting large organisations, claimed responsibility for the attack. On 15 August 2024, the group listed the stolen data on its extortion portal after failing to reach an agreement with Patelco during negotiations. The cybercriminals have since begun auctioning the data.
In response to the breach, Patelco has offered affected individuals two years of complimentary identity protection and credit monitoring services through Experian, a consumer credit reporting company.
The credit union has also issued warnings to its members about the increased risk of phishing scams and social engineering attacks, advising them to be vigilant against suspicious communications. Additionally, the breach has led to legal actions, with law firms investigating Patelco’s handling of the incident.
The California Department of Financial Protection and Innovation has issued a consumer alert in response to the breach, advising affected individuals to take necessary protective measures.
Financial services industry uniquely vulnerable to ransomware
According to the CDW Cybersecurity Research Report for 2024, financial organisations are more frequently targeted and suffer more costly breaches compared to other industries. Approximately 75% of financial services organisations have experienced at least one breach in the past five years, often resulting in financial impacts exceeding $5m per incident.
This trend is evident in recent times, as cybercriminals have increasingly targeted financial organisations, leading to significant data breaches, such as the 2022 Nelnet breach affecting 2.5 million individuals, and the Flagstar Bank breach exposing 1.5 million customers’ data.
Recently, collected personal data reseller National Public Data (NPD) confirmed a significant data breach of approximately three billion records, including names, Social Security numbers, and physical addresses. This was followed by Japanese automaker Toyota’s confirmation of an approximately 240GB data breach last week.