60 credit unions facing outages due to ransomware attack on popular tech provider
pppAbout 60 credit unions are dealing with outages due to a ransomware attack on a widelyused technology providerppNational Credit Union Administration NCUA spokesperson Joseph Adamoli said the ransomware attack targeted the cloud services provider Ongoing Operations a company owned by credit union technology firm TrellanceppAdamoli said the NCUA which regulates credit unions at the federal level received incident reports indicating that several credit unions were sent a message from Ongoing Operations saying the company was hit with ransomware on November 26ppUpon discovery we took immediate action to address and investigate the incident which included engaging thirdparty specialists to assist with determining the nature and scope of the event We also notified federal law enforcement Ongoing Operations told affected credit unionsppAt this time our investigation is currently ongoing and we will continue to provide updates as necessary Please know that at this time we have no evidence of any misuse of information and we are providing notice in an abundance of caution to ensure awareness of this eventppAdamoli confirmed that approximately 60 credit unions are currently experiencing some level of outage due to a ransomware attack at a thirdparty service providerppThe NCUA is coordinating with affected credit unions Member deposits at affected federally insured credit unions are insured by the National Credit Union Share Insurance Fund up to 250000 he saidppHe added that they have informed the US Department of the Treasury the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency about the incident Trellance did not respond to requests for commentppThe attack is having larger downstream effects on other credit union technology providers including FedComp a company that offers data processing solutions to credit unionsppFedComp did not respond to requests for comment but a notice on its website says the FedComp Data Center is experiencing technical difficulties and is under a country wide outageppWe are down with no ETA but Trellance is still working on resolving the issue There is no email support but the Tech line is available the statement saidppOne of the affected credit unions Mountain Valley Federal Credit Union MVFCU released a notice on Thursday warning customers that it was dealing with significant outagesppThe Peru New Yorkbased credit union serves thousands of people across Clinton or Essex County It said its data processor FedComp informed them of the ransomware attack on TrellanceppTrellance has indicated that our member information has not been affected by this incident CEO Maggie Pope wrote in a letter to membersppBecause of this Trellance must move to a new server system This process does take time as there are multiple steps involved This is not just an MVFCU issue it is nationwide Trellance and FedComp have been working around the clock to get our systems along with other credit unions around the country that have experienced the same issue back onlineppMountain Valley said it plans to cover any and all fees associated with the incidentppThe NCUA warned in August that it was seeing an increase in cyberattacks against credit unions credit union service organizations CUSO and other thirdparty vendors supplying financial services productsppMultiple credit unions were affected by the cyberattack on the MOVEit file transfer software earlier this year and dozens of organizations have filed data breach reports with regulators in Maine over the last three yearsppThe RansomHouse extortion group added Jefferson Credit Union to its list of victims in 2022 and Envision Credit Union announced a cyberattack last year involving the LockBit ransomware group Ardent Credit Union also faced an incident in 2020ppIn February the NCUA approved new rules that require a federally insured credit union to notify the NCUA within 72 hours of a cyberattack The rule came into effect on September 1ppNCUA Chairman Todd Harper said in October that in the first 30 days after the rule went into effect the NCUA received 146 incident reports a number the organization previously only saw in an entire yearppHe lauded the proactive efforts that credit unions are taking to reach out to government agencies for cybersecurity help but noted that his organizations ability to analyze the entire credit union system remains limitedppThats because CUSOs and credit union thirdparty service providers do not have the same level of oversight as bank vendors as the NCUA lacks the statutory authority to directly examine or supervise these entities he saidppStakeholders must understand that the risks resulting from the NCUAs lack of vendor authority are real expanding and impact all of usppHe added that more than 60 percent of the cyber incidents reported to the NCUA involve thirdparty service providers and CUSOsppUntil this growing regulatory blind spot is closed thousands of federally insured credit unions tens of millions of consumers who use credit unions and trillions in assets are exposed to high levels of risk he saidppJonathan Greig is a Breaking News Reporter at Recorded Future News Jonathan has worked across the globe as a journalist since 2014 Before moving back to New York City he worked for news outlets in South Africa Jordan and Cambodia He previously covered cybersecurity at ZDNet and TechRepublicpp Copyright 2023 The Record from Recorded Future Newsp