On November 12, 2025, Central One disclosed a data breach to the Attorney General of Texas, revealing that an unauthorized third party may have accessed its systems, compromising sensitive personal and protected health information. The exposed data includes names, Social Security numbers, driver’s license numbers, government-issued IDs (e.g., passports, state IDs), financial details (account, credit/debit card numbers), medical records, and health insurance information. The breach’s full scope remains undisclosed as of November 14, 2025, but notifications to affected individuals have begun. The incident poses severe risks, including identity theft, financial fraud, and misuse of health data, given the highly sensitive nature of the compromised information. The lack of public details suggests ongoing investigations, but the confirmed exposure of PII and PHI underscores the breach’s critical severity.
Source: https://straussborrelli.com/2025/11/14/central-one-federal-credit-union-data-breach-investigation/
TPRM report: https://www.rankiteo.com/company/central-one-federal-credit-union
"id": "cen0093000111525",
"linkid": "central-one-federal-credit-union",
"type": "Breach",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'location': 'Texas, USA', 'name': 'Central One'}],
'customer_advisories': 'Notices sent to impacted individuals',
'data_breach': {'data_exfiltration': 'Potentially accessed (unconfirmed)',
'personally_identifiable_information': ['Name',
'Social Security '
'number',
'Driver’s license '
'number',
'Government-issued ID '
'number (e.g., '
'passport, state ID '
'card)'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial Information']},
'date_publicly_disclosed': '2025-11-12',
'description': 'Central One reported a data breach to the Attorney General of '
'Texas, where sensitive personal identifiable information '
'(PII) and protected health information (PHI) in its systems '
'may have been accessed by an unauthorized third party. The '
'breach was reported on November 12, 2025, with notices being '
'sent to impacted individuals. The exact details of the breach '
'remain undisclosed as of November 14, 2025.',
'impact': {'data_compromised': ['Name',
'Social Security number',
'Driver’s license number',
'Government-issued ID number (e.g., passport, '
'state ID card)',
'Financial information (e.g., account number, '
'credit or debit card number)',
'Medical information',
'Health insurance information'],
'identity_theft_risk': 'High (PII and PHI exposed)',
'payment_information_risk': 'High (financial information exposed)'},
'investigation_status': 'Ongoing (details not publicly available as of '
'2025-11-14)',
'references': [{'date_accessed': '2025-11-14',
'source': 'Attorney General of Texas Breach Report'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to the '
'Attorney General of '
'Texas'},
'response': {'communication_strategy': 'Notices to impacted individuals via '
'Attorney General of Texas breach '
'report',
'incident_response_plan_activated': 'Yes (notices sent to '
'impacted individuals)'},
'title': 'Central One Data Breach - November 2025',
'type': 'Data Breach'}