Wednesday, March 4, 2020

CUSO Allegedly Hacked

CU Today is reporting that a credit union service organization (CUSO), CU Collections based in Manassas, Virginia, was allegedly hacked by by a criminal organization called Maze.

The alleged data breach was reported by security firm Emsisoft to CU Today.

The stolen sensitive member information included home addresses, Social Security numbers, work and cell phone numbers, and member numbers, as well as other information in the collection files.

CU Today wrote that the company did not comment on the alleged data breach.

Currently, the National Credit Union Administration (NCUA) does not have the authority to examine third party vendors.

This alleged hack of sensitive member data at a third party vendor shows why the NCUA needs to be added to the Bank Service Company Act.

Read more.

No comments:

Post a Comment


The content is provided for educational purposes only, with the understanding that neither the authors, contributors, nor the publishers of this site are engaged in rendering legal, accounting or other expert or professional services. If legal or other expert assistance is required, the services of a competent professional should be sought.

Comments appearing in response to articles appearing on this site do not necessarily reflect the views of the ABA. ABA makes no representations regarding the truth or accuracy of commentary or opinions that may be posted in response to the articles that appear on this website.

The inclusion herein of any link to a website, either in the text of an article or in a comment, does not denote any approval, sponsorship, or endorsement by the ABA, and ABA is not responsible for the content or opinions expressed on those linked websites or related commentary. This content is not licensed to third parties sites and is not affiliated with any third party site. Any reference to the author or this content on any third party site on the Internet is not authorized by the ABA.

It is the policy of the American Bankers Association to comply fully with all antitrust laws. Certain discussions should be considered off-limits, including those that contain competitively sensitive data such as price and cost information, or statements that could be construed as reflecting an attempt or desire to control or influence a particular market or markets. Future pricing or other prospective competitive information should never be shared.