Personal Finance

Patelco Ransomware Attack Accessed Members' Personal Information

Patelco said that it has confirmed that the ransomware attack accessed a database containing information like Social Security numbers.

Michael Wittner's profile picture
Michael Wittner, Patch StaffVerified Patch Staff Badge
|
Patelco said it is offering members a free two-year membership to an identity theft prevention service.
Patelco said it is offering members a free two-year membership to an identity theft prevention service. (Google Maps)

DUBLIN, CA — Patelco Credit Union confirmed that a ransomware attack gained access to its members’ personal information.

On Aug. 14, following a thorough investigation of the ransomware attack that resulted in a two-week outage, the Dublin-based credit union said in an email to members that it learned that the hackers were able to access databases of member information. Patelco said that it does not yet know the specific data that was accessed, but the databases contained members’ first and last names, Social Security numbers, driver’s license numbers, date of birth, and/or email address.

“Please accept our apologies that this incident occurred. We are committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it. We continually evaluate and modify our practices and internal controls to enhance the security and privacy of personal information,” Patelco wrote.

Find out what's happening in Dublinfor free with the latest updates from Patch.

Patelco is offering members a complimentary two-year membership to Experian Identity WorksSM Credit 3B, which helps detect possible misuse of personal information, and provides immediate identification and resolution of identity theft. Enrolling in the program will not affect members’ credit scores, Patelco said. The service normally costs $24.99 a month, so it is costing Patelco roughly $1200 per customer.

The credit union also said that it continues to work with cybersecurity experts and law enforcement to investigate the incident and prevent future attacks.

Find out what's happening in Dublinfor free with the latest updates from Patch.

Patelco became aware of the ransomware attack on June 29, and shut down essential functions like making electronic transactions, receiving direct deposits, and conducting balance inquiries. Service was gradually restored over the next two weeks. By the time most functions returned, the credit union was hit with two class-action lawsuits alleging negligence in preventing the attack.

RELATED:

Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.

More from Dublin