Connex, one among Connecticut’s largest credit score unions, warned tens of hundreds of members that unknown attackers had stolen their private and monetary data after breaching its programs in early June.
Based in 1940, this member-owned group is a non-profit with over $1 billion in belongings, offering banking, insurance coverage, and bank card providers to greater than 70,000 members throughout eight branches all through the higher New Haven space, together with New Haven, Hartford, Middlesex, and Fairfield counties.
In data breach notification letters despatched to affected people through U.S. Mail and filed with the workplace of Maine’s Legal professional Basic, Connex states that it found the incident on June 3, sooner or later after its community was breached.
“The investigation revealed that sure information might have been accessed or downloaded with out authorization between June 2 and three, 2025,” it stated. “On July 27, 2025, Connex recognized sure people whose private data might have been concerned within the incident.”
The non-profit has but to search out proof that the attackers gained entry to the affected members’ funds or accounts, however has found that they stole a mix of private and monetary information, together with names, account numbers, debit card data, Social Safety numbers, and authorities IDs.
Whereas the breach notification letters do not point out something concerning the stolen information being utilized in assaults, Connex now shows a rip-off alert on its official web sites, cautioning members of scammers impersonating its staff in ongoing phishing assaults.
“Please bear in mind that scammers are calling/texting members impersonating Connex staff. Connex won’t ever name you and ask for PINs, passcodes, or account numbers,” Connex warns. “If you happen to obtain a suspicious name or textual content, cling up and name us immediately at 1-800-CR-UNION (203-603-5700).”
The disclosure comes on the heels of a wave of data breaches linked to the ShinyHunters extortion group, which targets Salesforce situations in vishing and social engineering assaults, impacting many high-profile corporations, together with Allianz Life, Adidas, Qantas, Louis Vuitton, Dior, Tiffany & Co., Chanel, and Google.
The insurance coverage sector has additionally been focused by assaults linked to the Scattered Spider hacker collective, which has shifted its focus to aviation corporations and retail corporations in current months.
Malware focusing on password shops surged 3X as attackers executed stealthy Excellent Heist situations, infiltrating and exploiting crucial programs.
Uncover the highest 10 MITRE ATT&CK strategies behind 93% of assaults and learn how to defend in opposition to them.
