Generations Federal Credit Union: Generations FCU board member shut out of data breach settlement

Generations Federal Credit Union Settles Class-Action Lawsuit Over 2022 Data Breach

In June 2023, San Antonio-based Generations Federal Credit Union finalized a class-action settlement over a December 2022 data breach that exposed sensitive information of 18,000 members. The breach compromised personal data, including names, addresses, Social Security numbers, driver’s license and passport details, credit/debit card numbers, and medical records.

As part of the settlement, approved by State District Judge Rosie Alvarado, Generations agreed to enhance its data security practices for two years, though specific measures were not disclosed. The credit union denied wrongdoing but will provide affected members with reimbursement options, including:

Up to $500 for ordinary losses
Up to $4,500 for fraud-related expenses
Up to $80 for time spent managing breach-related issues
Two years of free credit monitoring and identity theft protection through major credit bureaus

The settlement faced objections from former board member Anthony Rogers, who argued that officers and directors including those affected were excluded from the class. Rogers, who resigned in January 2023, claimed he suffered financial losses but was barred from participating. The judge ruled he lacked standing to object.

Generations, a member-owned credit union serving city employees, police, and firefighters, reported 47,175 members and 170 employees as of June 2023. The breach’s full impact remains unclear, as forensic investigations could not confirm whether data was exfiltrated.

The named plaintiff, Jamarius Davis, will receive a $2,500 service award, while class counsel stands to collect $120,000 in legal fees. No other class members objected, though two opted out.

Source: https://www.expressnews.com/business/article/data-breach-settlement-generations-credit-union-21304427.php

Generations Federal Credit Union cybersecurity rating report: https://www.rankiteo.com/company/generationsfcu

"id": "GEN1768948309",
"linkid": "generationsfcu",
"type": "Breach",
"date": "12/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '18,000 members',
                        'industry': 'Financial Services',
                        'location': 'San Antonio, Texas, USA',
                        'name': 'Generations Federal Credit Union',
                        'size': '47,175 members, 170 employees',
                        'type': 'Credit Union'}],
 'customer_advisories': 'Reimbursement options and credit monitoring provided '
                        'to affected members',
 'data_breach': {'data_exfiltration': 'Unconfirmed',
                 'number_of_records_exposed': '18,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Social Security numbers',
                                              'Driver’s license details',
                                              'Passport details',
                                              'Credit/debit card numbers',
                                              'Medical records']},
 'date_detected': '2022-12',
 'date_publicly_disclosed': '2023-06',
 'date_resolved': '2023-06',
 'description': 'Generations Federal Credit Union settled a class-action '
                'lawsuit over a December 2022 data breach that exposed '
                'sensitive information of 18,000 members, including names, '
                'addresses, Social Security numbers, driver’s license and '
                'passport details, credit/debit card numbers, and medical '
                'records.',
 'impact': {'data_compromised': 'Personal data, including names, addresses, '
                                'Social Security numbers, driver’s license and '
                                'passport details, credit/debit card numbers, '
                                'and medical records',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Class-action lawsuit settlement',
            'payment_information_risk': 'High'},
 'investigation_status': 'Forensic investigation completed (data exfiltration '
                         'unconfirmed)',
 'post_incident_analysis': {'corrective_actions': 'Enhanced data security '
                                                  'practices for two years'},
 'references': [{'source': 'Class-action settlement announcement'}],
 'regulatory_compliance': {'legal_actions': 'Class-action lawsuit settlement'},
 'response': {'remediation_measures': 'Enhanced data security practices for '
                                      'two years'},
 'title': 'Generations Federal Credit Union Data Breach Settlement',
 'type': 'Data Breach'}

Generations Federal Credit Union: Generations FCU board member shut out of data breach settlement — here’s why

Gateways Community Services: Gateways Community Services Data Breach Lawsuit Investigation

Sunet and Uppsala University: Suspected data breach involving personal data from Studium

Helix Energy Solutions Group and Inc.: Helix Energy Solutions Data Breach Lawsuit Investigation