Cloud provider impacted by ransomware causes outages at 60 credit unions

Approximately 60 credit unions across the United States are currently facing outages due to a ransomware attack on Ongoing Operations, a cloud services provider used by these credit unions. The attack occurred on November 26, 2023 and has disrupted services and caused system downtime.

The National Credit Union Administration (NCUA), which insures deposits at federally insured credit unions, is closely coordinating with the affected credit unions. The incident did not impact member information, but it has necessitated a migration to new server systems.

The situation is still being resolved, with technicians working around the clock to restore services. The NCUA has informed various federal agencies, including the U.S. Treasury Department, the FBI, and CISA, about the breach.

The NCUA has also reported a significant rise in such attacks and emphasizes the vulnerability of credit unions, especially due to their reliance on third-party service providers. In response to these threats, the NCUA has implemented new rules requiring credit unions to report cyber incidents within 72 hours.