Patelco Credit Union: Network “stabilized” after crippling cyberattack

DUBLIN – Patelco’s president and CEO has announced that its network has been “stabilized” and is now processing transactions, because the devastating cyberattack that crippled the corporate’s systems stays unresolved.

“Once this is complete and we achieve full banking functionality, our members will be able to access their balances and accounts as they would under normal circumstances,” Erin Mendez, head of the Dublin-based credit union, wrote on Sunday. “I cannot give an exact date when we will return to normal business operations, but we can see the light at the end of the tunnel.”

Mendez's announcement follows a tumultuous 10-day period during which half 1,000,000 customers were locked out of their accounts because of a ransomware attack on June 29, which put your complete Patelco system vulnerable to exposing financial and private information to an out of doors attacker.

At least one dissatisfied customer has decided to take one among the country's largest credit unions to court. A California resident named Shawn Kent filed suit in Alameda County Superior Court on July 3, claiming that Patelco “willfully, intentionally, recklessly and/or negligently” did not protect its customers' private information.

“This is especially true given that (Patelco) is a large, sophisticated company with the resources to implement appropriate data security protocols,” said the lawsuit filed by attorneys Scott Edward Cole and Laura Grace Van Note, who’re in search of a category motion lawsuit.

The Oakland-based lawyers also wrote that Patelco created a “significantly increased risk of fraud, identity theft and misuse” of its customers' private information. Kent desired to be sure that his own private information was “protected and safeguarded from future breaches,” the lawsuit said.

Private data and bank details may be sold for between $40 and $200 on the darknet or on illegal online servers, the lawyers claim. “Criminals can also buy access to entire company data for between $999 and $4,995.”

Given the variety of recent high-profile data thefts targeting large corporations, Patelco and Cole must have known that their security systems didn’t adequately protect their customers' information. The credit union “could have prevented the attack” by “properly securing and encrypting and/or more securely encrypting” their private information, the court filing said.

Rina Johnson, vice chairman of selling at Patelco, declined to answer a request for comment on the lawsuit on Monday.

“We are fully focused on resuming operations and ensuring our members are supported throughout the process,” Johnson wrote in an email.

Kent is in search of compensation and payment for the “actual, nominal and consequential damages” he suffered because of this of the recent ransomware attack. He says he suffered “loss of time, annoyance, disruption and inconvenience” because of this of the attack, in addition to “anxiety and increasing concerns about loss of privacy.”

As of late Monday afternoon, customers still couldn’t access their account balances online, nor could they send or receive money directly except through Venmo or PayPal. The credit union has urged customers to go to any of its 37 branches across the state for assistance for the reason that lockdown began, though some services akin to debit card transactions and ATM capabilities have been limited.

But Mendez assured customers that “our members’ money is safe and secure and we are working hard toward full functionality.”

“I know I've told you this before, but restoring our systems while ensuring their future security requires careful and methodical work,” Mendez wrote. “I know this may not move as quickly as you would like, but rest assured that we are working as quickly as we can and know how important this is to our members.”

image credit :