Customer accounts remain blocked

​​DUBLIN – Four days after a ransomware attack crippled Patelco Credit Union’s systems, the union was still unable to inform its members when banking operations would return to normal.

The Dublin-based credit union has not disclosed further details in regards to the security breach, which has left its members unable to make electronic payments, deposits and transfers since last weekend.

On Tuesday, customers continued to attend in queues at ATMs and were still forced to go to Patelco branches across the state to withdraw money, but were still unable to access their account balances or online banking information.

Enrique Juarez, certainly one of the credit union's estimated 500,000 members, visited the branch on Story Road in San Jose to inquire about his Social Security check, which had bounced and has been his only source of income since he retired in January. A bank worker told him to examine with the federal agency, he said Tuesday.

“I've never had a problem,” said Juarez, a retired warehouse employee who lives in San Jose. “Everything is frozen, I can't even check my account balance until the problem is resolved – and they don't know” when that can occur.

Ahmed Banafa, a lecturer at San Jose State University and a cybersecurity expert, said Tuesday that it was likely that hackers had penetrated the bank's internal databases via a “phishing email” and encrypted their contents, locking the bank out of its own systems.

“The hackers usually demand cryptocurrency, they demand payment. That's why it's called ransomware,” Banafa said.

Patelco is estimated to administer over $9 billion in assets in 37 branches across the state. It is unclear how most of the bank's 500,000 accounts were compromised and the extent to which the bank's assets have been affected.

Banafa called Patelco an “easy target” for hackers, or a low-security goal akin to schools and hospitals, in comparison with other better-known corporations with more sophisticated cybersecurity safeguards akin to federal government databases. It's possible the hackers are targeting either personal information from bank customers or money directly from the credit union, he said.

“Hackers can take this kind of information and sell and exploit it on the dark web,” Banafa said, referring to illegal online servers that sell contraband and other illegal services.

He said the hackers would likely demand a sum of cash from the credit union to return its systems to normal, and they’d proceed to carry the bank's accounts hostage until the bank either finds a option to circumvent the hack or until the hackers are paid. He said payment will likely be demanded in cryptocurrencies akin to BitCoin and is usually wired to an offshore account outside the U.S.

After Patelco waited greater than 24 hours to offer an update on the initial attack on Saturday, Banafa said, “It was clear they were having problems.”

Patelco arrange its own website on Monday to notify customers of the breach, with one other message from CEO Erin Mendez. Mendez wrote that they’re continuing to work with “external cybersecurity experts” to revive Patelco's functionality and that they’re cooperating with law enforcement.

“To our valued members – rest assured that we will refund any fees you are charged late due to this outage. If any of our members have concerns about late payments impacting their credit score, we will write letters on your behalf. We will also waive any Patelco overdraft, late payment or ATM fees until we are back up and running,” Mendez wrote.

She added: “We sincerely apologize for the inconvenience our members have experienced and look forward to providing further updates in the coming days and weeks.”

Banafa said the perpetrator also deliberately carried out this attack by selecting the start of a brand new month and an upcoming holiday because the goal.

“The timing is very bad for the users, but it's well planned for the hackers,” Banafa said. “The problems are made worse by the timing… The people who planned this planned it when there was a lot of money at stake.”

Many customers face the issue of paying their rent, mortgage and other bills.

“I don't feel comfortable using my card even though I could,” said Lakeisha Thomas of downtown San Jose. She added that her bills are piling up and he or she's afraid of overdrawing her account because she doesn't understand how much money is in her account at any given time. “I don't want to owe anything later.”

Jermaine Johnson, a Mountain View resident, said in an interview that he would likely move his savings account to a different bank after first hearing in regards to the debacle 4 days ago on Tuesday.

“It's scary to begin with,” Johnson said. “If I didn't have the small amount of money that's in there, I'd be even more scared. But it's scary because you put your money in a place that you think is safe and then it turns out it's not safe.”

image credit : www.mercurynews.com