Shortly before Labor Day, the $835 million Central One Federal Credit Union said it identified potentially suspicious activity in its computer network, which was later confirmed as a data breach, affecting 56,923 individuals and their personal information.
The Shrewsbury-Mass.-based credit union reported the incident to the Massachusetts Office of Consumer Affairs and Business Regulation on Nov. 10. The breach exposed current and former members’ Social Security numbers, medical records, financial accounts, credit and debit card numbers and driver’s licenses, according to the state’s consumer affairs office.
Central One FCU currently serves 39,525 members.
In its breach notification letter to members, the credit union stated it has no evidence that members’ information had been used for identity theft or fraud.
After detecting the suspicious activity in September, the credit union took its systems offline to conduct an investigation.
“Since returning to normal operations, our investigation has continued,” Central One stated in its notification letter. “We have now determined that an unauthorized party had access to certain Central One systems between August 26, 2025, and August 30, 2025, and during that period, they acquired copies of some files from our network.”
The credit union stated it reviewed the contents of the potentially acquired files, which included members personal information.
Central One also said it is taking steps to reduce the risk of this type of incident occurring in the future and is providing members with two years of complimentary identity protection service.
Peter Strozniak can be reached at peter.strozniak@arc-network.com.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.