News

Ransomware attack — Everythings frozen: Ransomware locks credit union users out of bank accounts Patelco Credit Union in Calif. shut down numerous banking services after attack.

Jon Brodkin – Jul 3, 2024 5:17 pm UTC Enlarge / ATM at a Patelco Credit Union branch in Dublin, California, on July 23, 2018. Getty Images | Smith Collection/Gado reader comments 101

A California-based credit union with over 450,000 members said it suffered a ransomware attack that is disrupting account services and could take weeks to recover from.

“The next few daysand coming weeksmay present challenges for our members, as we continue to navigate around the limited functionality we are experiencing due to this incident,” Patelco Credit Union CEO Erin Mendez told members in a July 1 message that said the security problem was caused by a ransomware attack. Online banking and several other services are unavailable, while several other services and types of transactions have limited functionality.

Patelco Credit Union was hit by the attack on June 29 and has been posting updates on this page, which says the credit union “proactively shut down some of our day-to-day banking systems to contain and remediate the issue… As a result of our proactive measures, transactions, transfers, payments, and deposits are unavailable at this time. Debit and credit cards are working with limited functionality.”

Patelco Credit Union is a nonprofit cooperative in Northern California with $9 billion in assets and 37 local branches. “Our priority is the safe and secure restoration of our banking systems,” a July 2 update said. “We continue to work alongside leading third-party cybersecurity experts in support of this effort. We have also been cooperating with regulators and law enforcement.” Everythings frozen

Patelco member Enrique Juarez said he was having trouble accessing his Social Security payment, according to the Mercury News.”I’ve never had a problem before,” Juarez told the news organization. “Everything’s frozen, I can’t even check my balance until this is resolvedand they don’t know [when that will happen].”

Patelco says that check and cash deposits should be working, but direct deposits have limited functionality.

Security expert Ahmed Banafa “said Tuesday that it looks likely that hackers infiltrated the bank’s internal databases via a phishing email and encrypted its contents, locking out the bank from its own systems,” the Mercury News reported. Banafa was paraphrased as saying that it is “likely the hackers will demand an amount of money from the credit union to restore its systems back to normal, and will continue to hold the bank’s accounts hostage until either the bank finds a way around the hack or until the hackers are paid.”

Change Healthcare, a health payment processing company hit by ransomware this year, told lawmakers that it paid a ransom of $22 million in bitcoin. Change Healthcare owner UnitedHealth failed to use multifactor authentication on critical systems.

Patelco hasn’t revealed details about how it will recover from the ransomware attack but acknowledged to customers that their personal information could be at risk. “The investigation into the nature and scope of the incident is ongoing,” the credit union said. “If the investigation determines that individuals’ information is involved as a result of this incident, we will of course notify those individuals and provide resources to help protect their information in accordance with applicable laws.” Patelco waives fees, warns of more outages

Patelco said it is waiving overdraft, late payment, and ATM fees “until we are back up and running.” Members who need to access funds from direct deposits can do so by writing a check, using an ATM card to get cash, or by making a purchase, Patelco said.

As of yesterday, members could expect to “experience short, intermittent outages at Patelco ATMs,” the organization said. “This is normal and to be expected during our recovery process. Access to shared ATMs will not be interrupted as part of this process and they remain available for cash withdrawals and deposits.”

A chart on the security update page says the services that remain unavailable include online banking, the mobile app, outgoing wire transfers, monthly statements, Zelle, balance inquiries, and online bill payments.

Patelco branches, call center services, and live chats have “limited functionality,” as do debit card transactions, credit card transactions, and direct deposits, according to the chart. Services that are listed as available include check and cash deposits, ATM withdrawals, ACH transfers, ACH for bill payments, and in-branch loan payments. reader comments 101 Jon Brodkin Jon has been a reporter for Ars Technica since 2011 and covers a wide array of telecom and tech policy topics. Jon graduated from Boston University with a degree in journalism and has been a full-time journalist for over 20 years. Advertisement Channel Ars Technica ← Previous story Next story → Related Stories Today on Ars

Articles You May Like

US Supreme Court says Trump immune for ‘official acts’ as president
Delek Holdings (DK) and First Solar (FSLR) are Aggressive Growth Rank Buys
Firefly is building fast and breaking things on path to a reusable rocket
Surface Pro 11 and Laptop 7 review: An Apple Silicon moment for Windows
3 million iOS and macOS apps were exposed to potent supply-chain attacks