60 US credit unions offline after cloud ransomware infection The Register

A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor.
This is according to the National Credit Union Administration, which on Friday told The Register it is fire-fighting the situation with the credit unions downed this week by the intrusion.
The NCUA regulates and insures these financial orgs.
"I can confirm that approximately 60 credit unions are currently experiencing some level of outage due to a ransomware attack at a third-party service provider," the NCUA spokesperson said.
"Member deposits at affected federally insured credit unions are insured by the National Credit Union Share Insurance Fund up to $250,000."
We're told the unions' IT provider Ongoing Operations - ironic - was hit by ransomware on Sunday, sparking days of disruption for the biz's clients.
It's believed the cloud provider was infiltrated via the Citrix Bleed vulnerability.
On November 26, 2023, we were victimized by a sophisticated ransomware attack.
Upon discovery, we took immediate action to address and investigate the incident, which included engaging third-party specialists to assist with determining the nature and scope of the event.
At this time, our investigation is currently ongoing, and we will continue to provide updates as necessary.
On Thursday, northern New York's Mountain Valley Federal Credit Union appeared to be one of the many orgs suffering "System downtime" as a result of a ransomware infection at Ongoing Operations.
Mountain Valley's CEO described it as a "Nationwide" issue.
"It has been brought to our attention by our data processor - FedComp Inc, that the third-party vendor of our computer operating system 'Trellance' was the victim of a ransomware attack," boss Maggie Pope said [PDF] in a letter to her credit union members.
Mountain Valley's Pope continued in her note to customers: "Trellance has indicated that our member information has not been affected by this incident. Because of this, Trellance must move to a new server system. Trellance and FedComp have been working around the clock to get our systems along with other credit unions around the country that have experienced the same issue back online."
Pope did not respond to The Register's inquiries, nor did Trellance.
This incident is isolated to a segment of the Ongoing Operations network and our team is diligently working around the clock to minimize service interruptions wherever possible and to ensure the safety of information stored on our systems.
The investigation to determine what impact this incident may have had on information stored on our network systems is ongoing.
We are also engaging leading experts to recommend and implement additional measures designed to increase our data security and block further unauthorized access to our systems moving forward.
According to its website, Trellance has "Hundreds" of customers across the US. A FedComp employee told The Register that both Trellance and FedComp are "Working to fix" the mess, while a FedComp spokesperson said the outfit had "No comment on the third-party incident."
The NCUA told us it has informed the US Treasury Department, CISA, and the FBI about the cyber-break-in.


This Cyber News was published on go.theregister.com. Publication date: Sat, 02 Dec 2023 00:43:06 +0000


Cyber News related to 60 US credit unions offline after cloud ransomware infection The Register

60 US credit unions offline after cloud ransomware infection The Register - A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. This is according to the National Credit Union Administration, which on Friday told The ...
10 months ago Go.theregister.com
Ransomware attack on Patelco Credit Union causes confusion ahead of holiday weekend - One of the largest credit unions on the West Coast continues to struggle with its operations following a ransomware attack that began on Saturday. Patelco Credit Union - one of the nation's oldest credit unions with more than $9 billion in assets - ...
3 months ago Therecord.media
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
9 months ago Techtarget.com
What is a Cloud Architect and How Do You Become One? - A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. Cloud architects oversee application ...
7 months ago Techtarget.com
Credit union operations restored after tech supplier ransomware attack - The federal agency that oversees credit unions said operations at about 60 of the organizations have been restored following a ransomware attack last month. Ongoing Operations, a cloud services provider owned by credit union technology firm ...
9 months ago Therecord.media
2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
10 months ago Cybersecurity-insiders.com
The 10 Best Cloud Security Certifications for IT Pros in 2024 - Many professionals seeking a career in cloud security turn to certifications to advance their learning and prove.... their knowledge to potential employers. The number of cloud security certifications has increased in recent years making it difficult ...
9 months ago Techtarget.com
60 US credit unions offline after cloud ransomware infection The Register - A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. This is according to the National Credit Union Administration, which on Friday told The ...
10 months ago Theregister.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
9 months ago Feeds.dzone.com
Top Cloud Security Issues: Threats, Risks, Challenges & Solutions - Cloud security issues refer to the threats, risks, and challenges in the cloud environment. To combat these cloud security issues, develop a robust cloud security strategy that addresses all three to provide comprehensive protection. Cloud security ...
4 months ago Esecurityplanet.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
4 months ago Esecurityplanet.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
7 months ago Esecurityplanet.com
7 Considerations for Multi-Cluster Kubernetes - A hybrid cloud is a cloud computing environment that combines public and private clouds, allowing organizations to utilize the benefits of both. In a hybrid cloud, an organization can store and process critical data and applications in its private ...
9 months ago Feeds.dzone.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
5 months ago Crowdstrike.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
3 months ago Esecurityplanet.com
What is cloud load balancing? - Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources. Cloud load balancing helps enterprises achieve ...
6 months ago Techtarget.com
Managing the Requirements of a MultiCloud System - The use of digital technology has advanced to include cloud computing in the delivery of services, cost reduction, increased agility, and improved security. The emergence of various cloud solutions has led organizations to move their assets from ...
1 year ago Blog.isc2.org
Cloud Security: Ensuring Data Protection in the Cloud - Data Encryption: Protecting sensitive data is a top priority in cloud security. Cloud security is of utmost importance when it comes to protecting and ensuring the confidentiality of data stored and transmitted in the cloud. Data protection in the ...
8 months ago Securityzap.com
What is a cloud application? - A cloud application, or cloud app, is a software program where cloud-based and local components work together. Cloud application servers are typically located in a remote data center operated by a third-party cloud services infrastructure provider. ...
6 months ago Techtarget.com
4 types of cloud security tools organizations need in 2024 - By now, organizations know which on-premises security tools they need, but when it comes to securing the cloud, they don't always understand which cloud security tools to implement. While many traditional on-premises tools and controls work in the ...
5 months ago Techtarget.com
Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
3 months ago Crowdstrike.com
Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
10 months ago Feeds.dzone.com
7 Keys to an Effective Hybrid Cloud Migration Strategy - Not very long ago, a hybrid cloud migration strategy amounted to a business extending its internal workloads into an environment it doesn't own. A hybrid cloud strategy was relatively simple - a combination of on-site resources and some type of cloud ...
9 months ago Techtarget.com
Cloud Security Best Practices for Businesses - In today's digital landscape, ensuring robust cloud security is a crucial priority for businesses. The increasing reliance on cloud services to store and process sensitive data necessitates organizations to adopt best practices to safeguard their ...
8 months ago Securityzap.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
9 months ago Feeds.fortinet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)