Skip to main content
close search
site logo
Dive Brief

Credit unions recover from outages caused by third-party ransomware attack

While Ongoing Operations said some of its data was compromised and notified impacted customers, credit unions have yet to disclose damages downstream.

Published Dec. 14, 2023
Matt Kapko's headshot
Senior Reporter
Binary code abstract background with US $100 dollar banknotes.
Binary code abstract background with US $100 dollar banknotes. Viorika via Getty Images

Dive Brief:

  • Dozens of credit unions caught in a ransomware attack against a third-party vendor last month have resumed normal operations, the National Credit Union Administration said Wednesday.
  • Ongoing Operations, a subsidiary of Trellance that provides IT services to the industry, was hit by a cyberattack isolated to a segment of its network on Nov. 26, the company said last week in an incident update.
  • “As of Dec. 13, and based on our outreach to affected credit unions regarding their operating status, the affected credit unions are fully operational and serving member needs,” Joseph Adamoli, acting director and media relations manager at the National Credit Union Administration, said in an email.

Dive Insight:

About 60 credit unions have recovered and brought systems back online after they experienced outages linked to the ransomware attack against Ongoing Operations, which provides disaster recovery and cloud services to credit unions.

While Ongoing Operations said some data was compromised and notified impacted customers, credit unions have yet to disclose damages downstream.

“We have received no credit union incident reports regarding data theft,” Adamoli said.

Yet, Ongoing Operations signaled some credit unions’ members may be impacted, noting it will assist the organizations with member notification and provide credit monitoring and identity restoration services to individuals impacted.

“The nature of this ongoing investigation takes a substantial amount of time as the process of reviewing the files to determine what information may have been involved is lengthy and complex,” Ongoing Operations said in the incident report. “We have made significant progress as we continue to reestablish services for customers.”

A growing number of credit unions experienced ransomware attacks this year, including multiple organizations hit by the spree of attacks against MOVEit file-transfer service environments in late May.

NCUA earlier this year issued a rule requiring federally insured credit unions to report cybersecurity incidents within 72 days. The agency received 146 incidents the first month the rule was in effect, roughly the number of reports it previously received in an entire year, NCUA Chair Todd Harper said in October.

Despite the outages, NCUA said credit unions’ members' funds are safe. “The credit unions have sufficient liquidity to meet the cash and payment needs of their members,” Adamoli said. “Members have access to their funds and to ATMs.”

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell