NORTH AUGUSTA, S.C.—The $1.8-billion SRP FCU has suffered possible data breach, according to several news reports.
On Dec. 12, the CU filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access the company’s computer network, JD Supra reported.
In the notice, SRPFCU explained the incident resulted in an unauthorized party being able to access consumers’ sensitive information.
“Upon completing its investigation, SRPFCU began sending out data breach notification letters to all 240,742 individuals whose information was affected by the recent data security incident,” JD Supra said.
JD Supra said SRPFCU’s filing with the Attorney General of Maine provides insights into what led up to the breach.
“SRPFCU recently detected suspicious activity within its computer network. In response, SRPFCU secured its systems, notified law enforcement and then launched an investigation with the help of an outside forensic security firm,” JD Supra said.
Through the investigation, SRPFCU confirmed that an unauthorized party was able to access portions of its computer network between Sept. 5 and November 4. During this time, the unauthorized party may have acquired files from SRPFCU’s network that contained confidential consumer information, JD Supra said.
After learning that sensitive consumer data was accessible to an unauthorized party, the CU reviewed the compromised files to determine what information was leaked and which consumers were impacted.
“SRPFCU recently completed this process, and on Dec. 12, sent out personalized data breach letters to anyone who was affected by the recent data security incident. While the publicly available data breach letter on the Maine Attorney General’s website doesn’t mention what information was leaked, these personalized data breach letters should provide victims with a list of what information belonging to them was compromised,” JD Supra said.