Connex, one of Connecticut’s largest credit unions is warning tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. The info that was swiped included names, account numbers, debit card information, Social Security numbers, and/or other government ID used to open the individual’s account.
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4:
“It does seem longish that the credit union waited over a month to notify impacted victims. Maybe it took them two weeks to figure out who exactly was impacted, but it sounds like they identified who was personally impacted and then still waited another two weeks to notify the victims. That’s two weeks that hackers and scammers could have been using the stolen information to better leverage spear phishing attacks against selected victims.”
Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Data breach victims should take advantage of the free credit monitoring offered by Connex to protect themselves from fraud and identity theft. Don’t get complacent because there’s “no evidence” of misuse. Connex doesn’t have the means to verify if your personal information is being abused. Assume the worst and keep a close eye on your accounts.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“It seems like we see data breaches on a weekly, if not daily, basis. This data breach appears to have served up quite the buffet of personal and financial information for the bad guys, including the ever popular Social Security Number and debit card number Daily Double. This information can be used to open accounts in victims’ names, so affected members need to stay a
It sucks to be Connex as they are the latest company to be the victim of a threat actor. It will be interesting to see who claims responsibility for this and what secondary attacks happen with the data that was stolen.
Like this:
Like Loading...
Related
This entry was posted on August 11, 2025 at 3:12 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Connex Credit Union data breach impacts 172,000 members
Connex, one of Connecticut’s largest credit unions is warning tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. The info that was swiped included names, account numbers, debit card information, Social Security numbers, and/or other government ID used to open the individual’s account.
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4:
“It does seem longish that the credit union waited over a month to notify impacted victims. Maybe it took them two weeks to figure out who exactly was impacted, but it sounds like they identified who was personally impacted and then still waited another two weeks to notify the victims. That’s two weeks that hackers and scammers could have been using the stolen information to better leverage spear phishing attacks against selected victims.”
Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Data breach victims should take advantage of the free credit monitoring offered by Connex to protect themselves from fraud and identity theft. Don’t get complacent because there’s “no evidence” of misuse. Connex doesn’t have the means to verify if your personal information is being abused. Assume the worst and keep a close eye on your accounts.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“It seems like we see data breaches on a weekly, if not daily, basis. This data breach appears to have served up quite the buffet of personal and financial information for the bad guys, including the ever popular Social Security Number and debit card number Daily Double. This information can be used to open accounts in victims’ names, so affected members need to stay a
It sucks to be Connex as they are the latest company to be the victim of a threat actor. It will be interesting to see who claims responsibility for this and what secondary attacks happen with the data that was stolen.
Share this:
Like this:
Related
This entry was posted on August 11, 2025 at 3:12 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.