CUNA back online after ransomware attack
This story is an update to an item published on Feb. 5, 2020. CUNA confirmed on Feb. 7 that the incident was a ransomware attack.
The Credit Union National Association is fully back online following what it called a “cyber incident” earlier this week that impacted some of its IT systems.
Late Wednesday the trade group emailed an updated statement saying all access to its website and online resources had been restored for leagues and member credit unions.
“This is a business disruption issue,” the association said in an earlier statement. “CUNA does not store Social Security numbers or credit card numbers of our members. Based on our investigation to date, we have no evidence to suggest that any data in our system – such as names, businesses addresses and email addresses – have been accessed.”
Upon discovery, a third-party expert was immediately brought in to take action on the matter. The FBI is reportedly investigating the issue and CUNA pledged to cooperate throughout the ongoing process. Some of the organization's offices were reportedly closed following the event but all facilities are said to have been reopened.
Some cybersecurity experts who spoke to CU Journal said the incident could have been a ransomware attack, given that website access was compromised and no private data was taken. That fits the pattern of locking users out unless a ransom is paid, usually in cryptocurrency, they said.
CUNA representatives would neither confirm nor deny that ransomware was involved and the association declined to answer additional questions on the matter. The National Credit Union Administration had no comment on the issue.