Around 15,000 members of a credit union in the UK have had their personal data stolen due to a cyber-attack. Sheffield Credit Union (SCU) claims that names, national insurance numbers, addresses and bank details were accessed due to this breach in cyber-security.
Even though this attack took place in February, it only came to light recently as hackers threatened to publish the stolen data until credit union pays the ransom. The South Yorkshire Police said that it was working with the SCU and Action Fraud to fix this issue.
The union claims that this breach may leave the members open to attempts to be deceived.
SCU claims in the letters sent to their members that, “We are writing to all of our members to inform them that Sheffield Credit Union was the victim of a cyber-crime incident, which is believed to have taken place on 14 February 2018 but only recently came to light.
This incident may expose you to text messaging, cold calling and attempts to defraud.”
The letter further stated saying that since the theft, they have “reviewed and increased” their security and details of the attack has even been passed on to relevant authorities which include the police and ICO- Information Commissioners Office.
Chairwoman of trustees, Fiona Greaves said that it was believed that the cyber-criminals got hold of the data using a so-called “brute-force” attack. In this attack they bombard the computer system with different combinations of passwords in hope of guessing the correct password through trial and error method.
She added saying, “We are taking it extremely seriously.
[Members] do not need to worry that the loss of the data is going to mean wholesale fraud, we are warning people that it has happened and that they need to be aware that potentially someone could have got hold of their information.”
SCU has advised their users to monitor their bank accounts in case of any unusual activity.
Let us know your thoughts below.