CUNA said Monday night that its website was one of at least 30 major organizations struck by hackers and is advising all CUNA.org users to change their passwords.
The trade group said the compromised data was limited to information used to log on to the site, such as email addresses, phone numbers, titles and business addresses.
“We have analyzed the data potentially accessed by this group and want you to know that it includes no personally identifiable information (e.g., driver’s license, credit card or Social Security numbers) from credit union or league personnel, or other users of CUNA’s website,” the trade group said in a statement.
The trade group said a group called Team GhostShell was behind the attacks, which CUNA said also targeted federal government sites including NASA, legal and educational institutions, the European Space Agency and the Texas Bankers Association.
“The hackers claim they have data on 85 million people. This hasn’t been verified, and we can assure you that CUNA does not store any information for individual consumers who are credit union members,” the CUNA statement said.
The trade group said users of cuna.org will be advised to change their passwords on their next log in and advised that users do the same on any other site where the same password is used.
“We do not believe any sensitive personal information from our web site was accessed,” said CUNA President/CEO Bill Cheney. “However, we are contacting all users of our website to advise them of the breach. Further, we will continue to analyze the information posted online by the (hackers) group, as well as continue to validate that no other risks exist. We will also continue to monitor our website and take increased security measures to ensure it is safeguarded.”