Data Breach into Pentagon Federal Credit Union’s Database Affects US Military

Bob Styran, IT audit expert
January 15, 2011 /

A database at the Pentagon Federal Credit Union (PenFed) has fallen prey to a data breach discovered by security firm Kaspersky Lab, affecting more than 500 New Hampshire residents who are mostly members of the US military.

Paul Roberts of Kaspersky Lab confirmed that the breached PenFed database contained names, addresses, Social Security numbers, which was accessed by a hacker using a malware-infected laptop.

The data breach could expose all the individuals from the US military affected, including their families, to the risk of identity theft.

Kaspersky Lab said in its report that the cyber attack was discovered in December 12, 2010 when someone allegedly hacked one laptop in its internal network, gaining access to personal information of current members and information relating to former members, joint account holders and beneficiaries.

The Pentagon Federal Credit Union notified the New Hampshire Attorney General of the data breach as its law requires that all companies report all breaches involving its residents.

Executive vice president for operations of Pentagon Federal Credit Union Roderick Mitchell said there has been no indication that personal information of the customers, including PIN or passwords, has been misused.

All 514 affected customers, current and former, have already received information of their new accounts through an email from the federal credit union following the data breach, though the extent of it has not yet been established.

Pentagon Federal Credit Union has its headquarters in Alexandria, Virginia regulated by the National Credit Union Administration. The federal credit union has assets of more than $15 billion with millions of customers, including those from the US Air Force, Army, Coast Guard, and several departments of the US government.

 

Share your opinion