Patelco Credit Union, one of the oldest and largest credit unions in the U.S., fell victim to a ransomware attack on June 29, 2024, forcing the institution to shut down most of its day-to-day banking systems. The attack has affected nearly half a million members across the Bay Area and Northern California, leaving them without access to crucial financial services.
The Dublin, Ohio-based credit union disclosed details of the security incident through social media and email communications from President and CEO Erin Mendez. While initial details were scarce, Patelco later confirmed the nature of the attack and its widespread impact on member services.
Scope Of Patelco Credit Union Attack
The ransomware attack has crippled Patelco’s online banking platform, mobile app, and call center operations after staff shut down these systems to contain the attack. Members are currently unable to perform electronic transactions such as transfers (including Zelle), direct deposits, balance inquiries, and online bill payments.
Debit and credit card transactions are functioning in a limited capacity, while ATM cash withdrawals and deposits remain available at Patelco and shared branch ATMs.
The credit union’s President and CEO, Erin Mendez, issued a statement on social media Saturday morning, announcing that services were unavailable due to a “serious security incident.” An email was sent to members later that day, revealing that the incident was a ransomware attack, confirming that the credit union had shut down its systems to contain and remediate the issue.
Patelco Credit Union Response and Recovery Efforts
In the email shared to Patelco members, Mendez apologized for the inconvenience and assured members that the credit union was working around the clock with third-party cybersecurity professionals to assess the situation and restore services. The credit union has warned members to expect longer than normal wait times at branches and through customer service channels.
While the full extent of the attack’s impact remains unclear, Patelco has assured members that they can still access cash from ATMs. The credit union has also set up a dedicated webpage for ongoing communications about the incident and system functionality updates.
The latest update on the security incident from the dedicated webpage states:
Please know that our team and third-party partners are working around the clock to get back up and running. We are committed to providing transparent and frequent updates to best of our ability as well as the best possible service that we can, given the disruption. We sincerely apologize for the inconvenience that this cyber attack has caused for our members. We anticipate longer than normal wait times and truly appreciate your patience and support during this difficult time.
The website also provides details on the availability of locations, categorizing them as available, limited functionality, and unavailable.
The site disclosed that there was no evidence that account information such as account number/member number, or online banking credentials such as mobile and online banking User IDs or passwords, were affected.