Fairmont Federal Credit score Union is notifying over 187,000 people that their private and monetary data was stolen in a two-year-old knowledge breach.
A not-for-profit monetary group, Fairmont Federal Credit score Union presents companies similar to enterprise and residential mortgage loans, monetary first help, and private checking. It operates 9 regional branches in West Virginia.
The group found the cybersecurity incident on January 23, 2024 and launched a immediate and thorough forensic investigation, concluding on August 17, 2025, that information stolen from its community contained private data.
The information breach, nevertheless, had occurred 4 months previous to discovery, with the attackers sustaining entry to the credit score union’s community between September 30 and October 18, 2023.
Now, two years after the actual fact, the credit score union is notifying (PDF) its clients that the hackers stole information containing their names, dates of start, Social Safety numbers, driver’s license numbers, authorities ID numbers, monetary data, medical and medical insurance data, and different private knowledge.
Extra alarming is that the stolen data comprises full bank card/debit card particulars, together with card numbers, safety codes/PIN numbers, and expiration dates. IRS PIN numbers, tax ID numbers, routing numbers, and full entry credentials had been additionally compromised within the knowledge breach.
“Thus far, FFCU shouldn’t be conscious of any incidents of identification theft or monetary fraud on account of the incident,” Fairmont Federal Credit score Union says.
Late final week, the credit score union instructed the Maine Legal professional Normal’s Workplace it’s offering written notices to 187,038 people affected by the information breach.Commercial. Scroll to proceed studying.
The impacted people have been supplied with 12 or 24 months of free identification theft safety and credit score monitoring companies
The credit score union didn’t say who was answerable for the information breach, however it seems that it found the incident on the identical day that the Black Basta ransomware group added it to its Tor-based leak website.
One of the prolific ransomware gangs, with over 500 victims worldwide and greater than $100 million acquired in ransom funds, Black Basta has been inactive since January 2025.
Associated: UK Prepare Operator LNER Warns Prospects of Knowledge Breach
Associated: 100,000 Impacted by Cornwell High quality Instruments Knowledge Breach
Associated: South Dakota’s Noem Says Cell Telephone Quantity Hacked
Associated: Hack Exposes Private Knowledge of Whole Swiss City: Report
