data breach phishing
A Georgia credit union notified its members late last month of a data security incident that may have affected some of their personal information.
On March 27, the $345 million Platinum Federal Credit Union (PFCU) in Duluth, Ga., was alerted to unusual activity involving one of its employee’s email account.
“In response, we initiated an investigation and took steps to secure our system,” PFCU wrote in a Sept. 24 letter to members that was filed with the Massachusetts Attorney General’s Office. “Additionally, a third-party forensic firm was engaged to assist in the investigation.”
The investigation determined there was an unauthorized access to one employee’s email account that may have contained members’ information. After reviewing the email account, PFCU said members’ information might have been impacted on Sept. 17.
Because PFCU submitted a “sample letter” of the breach to the AG’s office, it did not list the specific personal information potentially affected. In similar credit union data breaches, compromised data has included names, addresses, dates of birth, Social Security numbers, driver’s license or state ID numbers, credit or debit card details and financial account numbers.
“This incident affected a small percentage of our members and they’ve been notified,” PFCU President/CEO Kabir Laiwalla wrote in an email on Thursday. He did not report the number of members who may have been affected or what personal information may have been exposed because of the data breach.
The credit union currently serves 12,996 members in Georgia, Alabama and Florida.
PFCU said it takes the privacy and security of member information very seriously and apologize for any concern or inconvenience this incident may have caused members.
“To help prevent something like this from happening again, we have implemented and will continue to adopt additional safeguards and technical security measures to further protect and monitor our systems,” PFCU stated.
The credit union is offering members free credit monitoring and identity protection services.
Peter Strozniak can be reached at pstrozniak@cutimes.com.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.