Lucy Flores tries to check her balance at a Patelco ATM on Kala Bagai Way in downtown Berkeley, Calif., on Monday, July 1, 2024. “It makes me nervous not being able to see what’s coming into my account,” Flores said. (Jane Tyska/Bay Area News Group)
DUBLIN – Four days after a ransomware attack crippled its systems, Patelco Credit Union still has no indication to its members when banking operations will return to normal.
The Dublin-based credit union has not released further details about the security breach that has prevented its members from making payments, deposits and electronic transfers since last weekend.
Customers continued to queue up to use bank ATMs on Tuesday and were forced to visit Patelco branches across the state to withdraw cash, although they were still unable to access their statement balances or any information about their online banking transactions.
Enrique Juarez, one of the credit union’s 500,000 members, went to the Story Road branch in San Jose to inquire about his Social Security check, which had bounced and has been his only source of income since he retired in January. A banker advised him to check with the federal agency, he said Tuesday.
“I’ve never had a problem before,” said Juarez, a San Jose resident and retired warehouse worker. “Everything is blocked, I can’t even check my balance until the problem is fixed — and they don’t know” when that will happen.
Ahmed Banafa, a San Jose State University professor and cybersecurity expert, said Tuesday that it appeared likely that hackers infiltrated the bank’s internal databases through a “phishing email” and encrypted its contents, blocking the bank’s access to its own systems.
“Hackers, in general, ask for cryptocurrencies, they ask for payment. That’s why it’s called ransomware,” Banafa said.
Patelco is estimated to manage more than $9 billion in assets at 37 branches across the state. It is unclear how many of the bank’s 500,000 accounts were compromised and to what extent the bank’s assets were affected.
Banafa called Patelco a “soft target” for hackers, or a weak target like schools and hospitals, compared to other, more well-known companies with more sophisticated cybersecurity protections like federal government databases. It’s possible that hackers could target either the personal information of the bank’s customers or money that comes directly from the credit union, he said.
“This kind of information, hackers can take it and sell it on the dark web and they can use it,” Banafa said, referring to illegal online servers selling contraband and other illegal services.
He said the hackers will likely demand a certain amount of money from the credit union to restore its systems to normal and will continue to hold the bank’s accounts hostage until the bank finds a way around the hack or until the hackers are paid. He said the payment is typically demanded in cryptocurrencies, such as Bitcoin, and often wired to an offshore account outside the United States.
After Patelco waited more than 24 hours to issue an update on the initial attack on Saturday, Banafa said “it was clear they were in trouble.”
Patelco set up a dedicated website on Monday to notify its customers of the security breach, with another message from CEO Erin Mendez. Mendez wrote that they continue to work with “third-party cybersecurity experts” to restore Patelco’s functionality, and that they are cooperating with law enforcement authorities.
“To our valued members, please know that if you incur late payment fees due to this outage, rest assured that we will reimburse you for those fees. If any of our members are concerned that late payments will impact their credit score, we will write letters on their behalf. We will also waive all Patelco overdraft, late payment, or ATM fees until we are back up and running,” Mendez wrote.
She added: “We sincerely apologize for the inconvenience this may cause our members and look forward to providing further updates in the days and weeks ahead.”
Banafa said the fact that whoever carried out this attack chose the start of a new month and an upcoming holiday to strike was also entirely intentional.
“The timing is very bad for users, but it’s actually well-planned for hackers,” Banafa said. “The problems are amplified by the timing… The people who planned this did it at a time when there was a lot of money.”
Many customers found themselves unable to figure out how to pay their rent, mortgage and other bills.
“I don’t feel comfortable using my card, even though I can,” said Lakeisha Thomas of downtown San Jose, who added that her bills are piling up and she’s afraid her account will be overdrawn because she doesn’t know how much is left right now. “I don’t want to be in debt later.”
Jermaine Johnson, a Mountain View resident, said in an interview that he would likely transfer his savings account to another bank after hearing about the four-day debacle Tuesday.
“It’s scary, first of all,” Johnson said. “If I didn’t have the little bit of money that I had in there, I would have been even more terrified. But it’s terrifying because you put your finances in a place that you think is safe, and it turns out it’s not.”
News Source : www.mercurynews.com
Gn bussni
