Posted by BeauHD from the here-we-go-again dept.
An anonymous reader quotes a report from Ars Technica: A California-based credit union with over 450,000 members said it suffered a ransomware attack that is disrupting account services and could take weeks to recover from. “The next few days — and coming weeks — may present challenges for our members, as we continue to navigate around the limited functionality we are experiencing due to this incident,” Patelco Credit Union CEO Erin Mendez told members in a July 1 message (PDF) that said the security problem was caused by a ransomware attack. Online banking and several other services are unavailable, while several other services and types of transactions have limited functionality.
Patelco Credit Union was hit by the attack on June 29 and has been posting updates on this page, which says the credit union “proactively shut down some of our day-to-day banking systems to contain and remediate the issue… As a result of our proactive measures, transactions, transfers, payments, and deposits are unavailable at this time. Debit and credit cards are working with limited functionality.” Patelco Credit Union is a nonprofit cooperative in Northern California with $9 billion in assets and 37 local branches. “Our priority is the safe and secure restoration of our banking systems,” a July 2 update said. “We continue to work alongside leading third-party cybersecurity experts in support of this effort. We have also been cooperating with regulators and law enforcement.”
Patelco says that check and cash deposits should be working, but direct deposits have limited functionality. Security expert Ahmed Banafa “said Tuesday that it looks likely that hackers infiltrated the bank’s internal databases via a phishing email and encrypted its contents, locking out the bank from its own systems,” the Mercury News reported. Banafa was paraphrased as saying that it is “likely the hackers will demand an amount of money from the credit union to restore its systems back to normal, and will continue to hold the bank’s accounts hostage until either the bank finds a way around the hack or until the hackers are paid.” Patelco hasn’t revealed details about how it will recover from the ransomware attack but acknowledged to customers that their personal information could be at risk. “The investigation into the nature and scope of the incident is ongoing,” the credit union said. “If the investigation determines that individuals’ information is involved as a result of this incident, we will of course notify those individuals and provide resources to help protect their information in accordance with applicable laws.”
While ATMs “remain available for cash withdrawals and deposits,” Patelco said many of its other services remain unavailable, including online banking, the mobile app, outgoing wire transfers, monthly statements, Zelle, balance inquiries, and online bill payments. Services with “limited functionality” include company branches, call center services, live chats, debit and credit card transactions, and direct deposits.
How many NASA managers does it take to screw in a lightbulb? “That’s a known problem… don’t worry about it.”
Working…
