Connex, one in every of Connecticut’s largest credit score unions, warned tens of hundreds of members that unknown attackers had stolen their private and monetary info after breaching its methods in early June.
Based in 1940, this member-owned group is a non-profit with over $1 billion in belongings, offering banking, insurance coverage, and bank card providers to greater than 70,000 members throughout eight branches all through the better New Haven space, together with New Haven, Hartford, Middlesex, and Fairfield counties.
In knowledge breach notification letters despatched to affected people by way of U.S. Mail and filed with the workplace of Maine’s Lawyer Common, Connex states that it found the incident on June 3, someday after its community was breached.
“The investigation revealed that sure information could have been accessed or downloaded with out authorization between June 2 and three, 2025,” it stated. “On July 27, 2025, Connex recognized sure people whose private info could have been concerned within the incident.”
The non-profit has but to seek out proof that the attackers gained entry to the affected members’ funds or accounts, however has found that they stole a mixture of non-public and monetary knowledge, together with names, account numbers, debit card info, Social Safety numbers, and authorities IDs.
Whereas the breach notification letters do not point out something in regards to the stolen knowledge being utilized in assaults, Connex now shows a rip-off alert on its official web sites, cautioning members of scammers impersonating its staff in ongoing phishing assaults.
“Please bear in mind that scammers are calling/texting members impersonating Connex staff. Connex won’t ever name you and ask for PINs, passcodes, or account numbers,” Connex warns. “For those who obtain a suspicious name or textual content, dangle up and name us straight at 1-800-CR-UNION (203-603-5700).”
The disclosure comes on the heels of a wave of information breaches linked to the ShinyHunters extortion group, which targets Salesforce cases in vishing and social engineering assaults, impacting many high-profile firms, together with Allianz Life, Adidas, Qantas, Louis Vuitton, Dior, Tiffany & Co., Chanel, and Google.
The insurance coverage sector has additionally been focused by assaults linked to the Scattered Spider hacker collective, which has shifted its focus to aviation companies and retail firms in current months.
Malware focusing on password shops surged 3X as attackers executed stealthy Excellent Heist situations, infiltrating and exploiting vital methods.
Uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and the right way to defend towards them.
