Akira Ransomware Group claims breach of Ellafi Federal Credit Union, exposing data of 17,627 people

Connecticut-based Ellafi Federal Credit Union reports a ransomware claimed by the Akira ransomware gang. The breach resulted in the compromise of personal and financial information belonging to 17,627 individuals. 

The attack was detected on October 14, 2025. By November 20, 2025, the credit union confirmed that the compromised files contained personal information belonging to members and customers. The Akira ransomware group claimed responsibility for the attack on November 3, 2025. The exposed data includes:

• Names
• Social Security numbers
• Credit card numbers
• Debit card numbers
• W-9 forms
• Contracts and confidential files
• Accounting and financial documents
• Human resources files
• Non-disclosure agreements

Ellafi Federal Credit Union notified affected individuals on December 23, 2025. To support affected individuals, the credit union is providing complimentary identity protection services, which include 12 months of credit monitoring, dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services. Affected individuals have until March 23, 2026, to enroll in these services.