SRP Federal Credit Union reports data breach exposing 240k individuals

SRP Federal Credit Union, a South Carolina financial institution is reporting a significant cybersecurity incident affecting more than 240,000 individuals.

The Nitrogen ransomware gang has claimed responsibility for the incident, stating they obtained 650 GB of customer data, though SRP Federal Credit Union has not confirmed the ransomware nature of the attack. The breach occurred between September 5 and November 4, 2024, with the investigation concluding on November 22.

The credit union has filed breach notifications with regulators in Maine and Texas, and law enforcement has been involved in the investigation.

Exposed Data Types:

• Names
• Social Security numbers
• Driver's license numbers
• Dates of birth
• Financial account numbers
• Credit/debit card numbers

The credit union claims that its online banking system and core processing system were not impacted by the attack.