Last Update: 06/03/2026 at 5:25 AM EST
Credit Union Data Breach Disclosures
Coverage from Morningstar, Credit Union Times, and others
Articles
10
Latest Article
05/25
Active Days
38
Executive Summary
Recent disclosures show several credit unions dealing with ransomware and third-party access incidents that exposed Social Security numbers, account data, and other identifiers, while regulators, consumers, and law firms respond with filings, notifications, and mitigation steps.
Key Points
- The strongest signal is a run of credit union breach disclosures, especially in Georgia and Texas, involving ransomware or unauthorized network access.
- Exposed data commonly includes Social Security numbers, account numbers, driver's license or state ID numbers, and other identity and financial identifiers.
- Third-party involvement is a recurring feature, with incidents tied to outside IT providers or vendors used for forensic review and file analysis.
- State attorney general notifications and consumer mailing campaigns are a consistent part of the response pattern.
- Most disclosures pair breach notice with credit monitoring, fraud assistance, or identity restoration services.
- Some incidents remain partially described, with limited public detail on timelines or affected counts, which reduces precision in several cases.
- At least one Georgia Heritage incident is also drawing class action review, showing a legal-response layer alongside notification and remediation.
Featured Article
Georgia Heritage Federal Credit Union disclosed a January 2025 ransomware incident affecting about 43,077 people, with Maine Attorney General filing in April 2026 and consumer notifications starting January 2026.
Coverage Timeline: 38 Days
Hover over any logo to see coverage summary, click for full article.
Additional Articles
⭐⭐⭐⭐⭐
Georgia Heritage Federal Credit Union and Alaska Air Group Federal Credit Union notified consumers of ransomware and third-party IT breaches exposing personal and banking information for 53,000+ people.
SafePay-linked intrusion at Houston, Texas-based MemberSource Credit Union in June 2025 exposed unencrypted identity and financial data; Texas notified members in May 2026.
⭐⭐⭐
Edelson Lechtzin LLP is investigating a possible class action after a January 25, 2025 ransomware incident at Georgia Heritage Financial Credit Union exposed personal data in Savannah, Georgia.
Georgia Heritage Financial Credit Union disclosed a ransomware-linked data breach on or around Jan. 25, 2025, affecting 43,077 individuals in Savannah-area operations.
Alaska Air Group Federal Credit Union disclosed a March 2026 third-party IT breach, notifying the California and Maine Attorneys General in April 2026.
Connected Credit Union disclosed a data breach filed with the Vermont Attorney General that exposed Social Security numbers and financial account codes, with timeline details not publicly released.
Equal Vision Records reported a 2026 unauthorized network breach to Massachusetts regulators and began notifying affected consumers with Cyberscout credit monitoring.
MemberSource Credit Union notified state attorneys general after unauthorized access exposed unencrypted personal and financial data tied to 22,308 Texas residents, with a June 3, 2025 breach date.
Georgia Heritage Financial Credit Union disclosed a ransomware-related breach on or around January 25, 2025, affecting 43,077 people in Georgia.