Patelco confirms thousands of customers hit in ransomware attack

New filing sheds more light on recent Patelco attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Theransomwareattack on Patelco Credit Union appears to have meant the company lost sensitive data on hundreds of thousands of customers.

The firm confirmed the news via a new filing submitted with the Maine Office of the Attorney General, stating 726,000 of its customers have had their data taken.

The stolen data included user’s full names, Social Security Numbers (SSN), driver’s license numbers, dates of birth, and email addresses, which is more than enoughintelto mountidentity theft, phishing, or wire fraud.

Names and SSNs

The American not-for-profit financial cooperative reported suffering a ransomware attack in May 2024 which forced it to shut down parts of its IT infrastructure to contain the incident. It took the company roughly two weeks to get back on its feet and resume operations.

At the time, it was unknown who the hackers were, or if they obtained any sensitive information from the company endpoints, as is the usual case in ransomware attacks.

Soon after, RansomHub, a group that spun out of the defunct ALPHV, claimed responsibility for the attack, and published all of the stolen data on its extortion portal.

As a credit union, Patelco offers many of the same financial services as a traditional bank, including savings accounts, checking accounts, loans, mortgages, credit cards, and investment services. However, unlike banks, credit unions like Patelco are member-owned and operated, meaning profits are returned to members in the form of lower fees, better interest rates, and dividends.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Patelco is one of the larger credit unions in the U.S., serving hundreds of thousands of members and managing billions of dollars in assets. According toBleepingComputer, its assets exceed $9 billion.

Patelco is offering two years of identity and credit monitoring services for free, through Experian, to minimize the damage.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics