A massive cyber attack at the Sheffield Credit Union has impacted thousands of its members; it’s reported that the attack has led to thousands of members getting their personal data compromised.
The Sheffield Credit Union, which offers loans and savings schemes, was reportedly targeted and attacked by hackers in February; the incident came to light recently and the Credit Union has contacted its 15,000 members informing them of the cyber attack.
The Sheffield Credit Union (SCU) has written to its members informing them that it has been hit by a cyber-crime incident, which is believed to have taken place on 14 February and which has come to light recently. The members are warned that as a consequence they could be exposed to text messaging, cold calling and other attempts to defraud.
The BBC reports that the cyber attack “…happened in February but only came to light recently after hackers threatened to publish the data unless a ransom was paid.”
It’s also reported that personal data of the SCU members, including their names, addresses, telephone numbers, national insurance numbers, bank account details, loan agreement details etc could have been compromised.
The SCU had reported the incident to the South Yorkshire Police and Action Fraud, and investigations are on. The South Yorkshire Police, in an advice published after the attack, says- “We are aware that Sheffield Credit Union have released information regarding a cyber-attack on their members’ data…Letters have been sent to all members from the Credit Union and anyone who thinks they may have been effected by this should contact Sheffield Credit Union in the first instance…If you think there has been unauthorised activity in your bank account, please contact Action Fraud on 0300 123 2040, not 101…South Yorkshire Police are working with Action Fraud and Sheffield Credit Union to actively investigate the wider data breach, however concerns around any crimes committed should be reported to Action Fraud.”
The South Yorkshire Police advice also says that no criminals perhaps have access to customer accounts, but at the same time advises members to stay alert. The advice says- “Whilst at this stage there is nothing to suggest anyone has access to customer accounts, we’d advise people to monitor their bank and credit report for any unusual activity and report anything suspicious to Action Fraud…People are advised to be vigilant of any unusual letters, calls, text messages or emails over the coming weeks which could be possible phishing attempts.”
Reports suggest that the hackers could have executed the attack via a “brute-force” attack, bombarding the systems at the SCU with different password combinations, in an attempt to hit at and effectively use the correct one. The members of the SCU, however, needn’t be too scared, as per SCU sources; there might not be a wholesale fraud, they just need to stay cautious and keep monitoring their bank and credit report for any unusual activity.
Following the hack, the Sheffield Credit Union has also come out with detailed tips, for its members, on how to stay safe from scammers, protect their money and their personal information.