Connect with us

Bussiness

No end in sight to Patelco Credit Union ransomware attack that crippled online banking for 500,000 members

Published

on

No end in sight to Patelco Credit Union ransomware attack that crippled online banking for 500,000 members

Lucy Flores attempts to check her balance at a Patelco ATM on Kala Bagai Way in downtown Berkeley, Calif., on Monday, July 1, 2024. “It makes me nervous not to be able to see what’s coming through my account,” Flores said. (Jane Tyska/Bay Area News Group)

​​DUBLIN – Four days after a ransomware attack crippled its systems, Patelco Credit Union remained unable to tell its members when banking operations would return to normal.

The Dublin-based credit union has not released additional details about the security breach that has left members barred from electronic payments, deposits and transfers since last weekend.

Customers continued on Tuesday to wait in lines to use bank ATMs and remained forced to visit Patelco branches throughout the state to withdraw cash, though they are still unable to access their statement balances or any information regarding their online banking.

Enrique Juarez, one of the credit union’s estimated 500,000 members, visited the Story Road branch in San Jose to ask about his social security check, which bounced and is his only source of income since retiring in January. A banker told him to check with the federal agency, he said Tuesday.

“I’ve never had a problem before,” said Juarez, a San Jose resident and retired warehouse worker. “Everything’s frozen, I can’t even check my balance until this is resolved – and they don’t know” when that will happen.

Ahmed Banafa, a San Jose State University lecturer and expert in cybersecurity, said Tuesday that it looks likely that hackers infiltrated the bank’s internal databases via a “phishing email” and encrypted its contents, locking out the bank from its own systems.

“The hackers, what they do usually, they ask for cryptocurrency, they ask for payment. That’s why it’s called ransomware,” Banafa said.

Patelco is estimated to manage more than $9 billion in assets across 37 branches statewide. It is unclear how many of the bank’s half a million accounts have been compromised and to what extent the bank’s assets have been affected.

Banafa called Patelco a “soft target” for hackers, or a target with low security such as schools and hospitals, compared to other higher-profile companies with more sophisticated cybersecurity protections such as federal government databases. It is possible the hackers are targeting either personal information of bank customers or money directly from the credit union, he said.

“This kind of information, hackers can take this information and sell it on the dark web and they can use it,” Banafa said, referring to illegal online servers selling contraband and other illegal services.

He said likely the hackers will demand an amount of money from the credit union to restore its systems back to normal, and will continue to hold the bank’s accounts hostage until either the bank finds a way around the hack or until the hackers are paid. He said payment is usually demanded in crypto currencies, such as BitCoin, and often transferred to an offshore account outside of the U.S.

After Patelco waited more than 24 hours to release an update regarding the initial attack on Saturday, Banafa said “it was clear they are struggling.”

Patelco created a dedicated website Monday to update customers on the security breach, with another message from CEO Erin Mendez. Mendez wrote that they continue working with “third party cybersecurity experts” to restore Patelco functions, and that they have been cooperating with law enforcement authorities.

“To our valued members – please know that if you incur a late payment fee because of this outage, rest assured we will reimburse you for those fees. If any of our members have concerns about late payments impacting their credit score, we will write letters on your behalf. We will also waive any Patelco overdraft, late payment or ATM fees until we are back up and running,” Mendez wrote.

And she added that “we sincerely apologize for the inconvenience our members have experienced and look forward to providing more updates in the coming days and weeks.”

Continue Reading