Blog article
See all stories »

Cyber Attacks and Credit Unions

Just as we wrote about the Top 5 Cyber Attacks in the Aviation Industry, credit unions have faced similar issues as the target of dedicated cyber criminals. In a recent blog post, we talked about the risks that credit unions face in the current threat landscape, but we didn’t talk about specific events. In the first half of 2021 alone, the financial industry experienced a 1,318% year over year increase in ransomware attacks. This increase was alarming enough that the National Credit Union Administration started issuing grants for up to $7k in funding to bolster cybersecurity initiatives at small credit unions. Below are a few prominent cyber-attacks against Credit Unions that happened this year.

 

Envision Credit Union

In late August, Envision Credit Union sent a memo out to their customers saying they were “experiencing technical difficulties”. What this memo did not include was the fact that they were in a battle with cyber thieves trying to get a hold of customers’ financial information. In reality, they were the victim of a LockBit 2.0 ransomware attack. Envision serves over 55,000 customers across multiple states and has more than $621 million under management.

 

Ardent Credit Union

It has been reported by CaseyGerry that in June of 2020, an Ardent employee’s email was compromised which gave way customer data. This data, such as names, driver license numbers, and social security numbers are all incredibly value assets on the dark web and are traded at an extremely high rate and price. Ardent has more than 85,000 ATM machines—potentially exposing thousands of their customers or other financial institution customers who were just using their ATMs. This is such a big deal if an ATM’s data was breached because it is not always confined to customers of the ATM operator. Even if your data was breached, Ardent may not even be able to tell you.

 

BECU – A Case of Proactive Cybersecurity

While it is not limited to one event, Boeing Employees Credit Union has seen a wave of pandemic related scams targeting their 1.28 million customers this year. With over $26.8 billion in assets, BECU is one of the nation’s largest credit unions, making it a prime target for social engineering and phishing attacks. BECU has so far been proactive in addressing the thousands of phishing attacks against its members, having sent out multiple correspondences this year informing their members on what to look out for in financial scams. Over the course of the pandemic, pandemic related financial assistance has been a big topic—a perfect cover in which cyber thieves camouflage their malicious activities. By training their customers on best practices and how to spot phishing attempts, BECU have so far avoided widespread compromise.

Original Post: https://cnsight.io/2021/12/29/cyber-attacks-and-credit-unions/

11316

Comments: (0)

Tristan Hinsley

Tristan Hinsley

Cybersecurity Engineer

TDI Security - tdisecurity.com

Member since

27 Oct 2021

Location

Washington, D.C.

Blog posts

6

This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...


See all

Now hiring