Kinetic Potential Cybersecurity News

West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach

Mon, 09/15/2025 - 09:50 / 0 Comments

Fairmont Federal Credit Union is notifying over 187,000 individuals that their personal and financial information was stolen in a two-year-old data breach.

A not-for-profit financial organization, Fairmont Federal Credit Union offers services such as business and home mortgage loans, financial first aid, and personal checking. It operates nine regional branches in West Virginia.

The organization discovered the cybersecurity incident on January 23, 2024 and launched a prompt and thorough forensic investigation, concluding on August 17, 2025, that files stolen from its network contained personal information.

The data breach, however, had occurred four months prior to discovery, with the attackers maintaining access to the credit union’s network between September 30 and October 18, 2023.

Now, two years after the fact, the credit union is notifying (PDF) its customers that the hackers stole files containing their names, dates of birth, Social Security numbers, driver’s license numbers, government ID numbers, financial information, medical and health insurance information, and other personal data.

More alarming is that the stolen information contains full credit card/debit card details, including card numbers, security codes/PIN numbers, and expiration dates. IRS PIN numbers, tax ID numbers, routing numbers, and full access credentials were also compromised in the data breach.

“To date, FFCU is not aware of any incidents of identity theft or financial fraud as a result of the incident,” Fairmont Federal Credit Union says.

Late last week, the credit union told the Maine Attorney General’s Office it is providing written notices to 187,038 individuals affected by the data breach.

The impacted individuals have been provided with 12 or 24 months of free identity theft protection and credit monitoring services

The credit union did not say who was responsible for the data breach, but it appears that it discovered the incident on the same day that the Black Basta ransomware group added it to its Tor-based leak site.

One of the most prolific ransomware gangs, with over 500 victims worldwide and more than $100 million received in ransom payments, Black Basta has been inactive since January 2025.

This article was published by Security Week. Please check their website for the original content.

Add new comment

About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
1 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Share The Story


Stay informed - subscribe to our newsletter.
The subscriber's email address.

Recent Posts