Patelco Credit Union recently revealed that it was the target of a ransomware attack, prompting the institution to preemptively disable several of its customer-facing banking systems to mitigate the incident’s effects.
As a prominent American credit union, Patelco manages assets exceeding $9 billion and provides a comprehensive array of financial services, including checking and savings accounts, loans, credit cards, investment services, and insurance plans.
This California-based not-for-profit organization supports over 400,000 members through its 37 branches located in the Bay Area, Sacramento, and San Jose.
In a status update concerning the service outages beginning on June 29, 2024, Patelco confirmed the ransomware attack on that date.
“On June 29, 2024, Patelco Credit Union experienced a ransomware attack,” Patelco reported.
“Regrettably, this incident necessitated the proactive shutdown of some of our daily banking systems to contain and address the issue.”
According to Patelco’s latest update on service availability, the following services remain affected:
- Online banking, mobile app, and call center services are currently unavailable.
- Electronic transactions, including transfers, direct deposits, balance inquiries, and payments, are also unavailable.
- Debit and credit card transactions are functional but with limited capacity.
The organization assures members that they can still perform cash withdrawals from ATMs, including Patelco’s and shared branch machines, which have not been affected by the remediation efforts.
Patelco has enlisted third-party cybersecurity experts to investigate the incident and expedite the recovery process, although a specific timeline for returning to normal operations has not been provided.
The company anticipates potential delays in customer service and apologizes for the inconvenience, asking its members for patience as teams work tirelessly to restore all services.
As of now, no ransomware groups have claimed responsibility for the attack on Patelco, leaving the perpetrators unidentified.
Ransomware attacks often involve data theft to be leveraged during the extortion process, potentially compromising sensitive personal and financial information of hundreds of thousands of Patelco members.
The firm has yet to comment on the possibility of customer data exposure, likely because the investigation is still in its preliminary stages.
As a precaution, Patelco advises its clients to remain vigilant against unsolicited communications requesting personal information and to closely monitor their account activity.
Source: BleepingComputer, Bill Toulas