HAWAII FIRST FEDERAL CREDIT UNION

HAWAII FIRST FEDERAL CREDIT UNION

The employee's email account of Hawaii First Federal Credit Union was accessed by an unauthorized individual that compromised the personal information of its customers.

The compromised data included names, addresses, Social Security numbers, bank account numbers, and other personal information of employees and customers.

The Federal Credit Union immediately terminated the access, reset all the passwords and implemented the security procedures, and notified the affected persons.

Source: https://www.scmagazine.com/news/breach/hawaii-credit-union-notifies-customers-of-employee-email-breach

TPRM report: https://scoringcyber.rankiteo.com/company/hawaii-first-federal-credit-union

"id": "haw133720422",
"linkid": "hawaii-first-federal-credit-union",
"type": "Breach",
"date": "09/2015",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Finance',
                        'location': 'Hawaii',
                        'name': 'Hawaii First Federal Credit Union',
                        'type': 'Financial Institution'}],
 'attack_vector': 'Email Account Compromise',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Financial Information']},
 'description': "An unauthorized individual accessed an employee's email "
                'account at Hawaii First Federal Credit Union, compromising '
                'the personal information of its customers.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Social Security numbers',
                                 'Bank account numbers',
                                 'Other personal information'],
            'systems_affected': ['Employee Email Account']},
 'initial_access_broker': {'entry_point': 'Email Account'},
 'post_incident_analysis': {'corrective_actions': ['Terminated Access',
                                                   'Reset Passwords',
                                                   'Implemented Security '
                                                   'Procedures'],
                            'root_causes': 'Weak or Compromised Credentials'},
 'response': {'communication_strategy': ['Notified Affected Persons'],
              'containment_measures': ['Terminated Access', 'Reset Passwords'],
              'incident_response_plan_activated': True,
              'remediation_measures': ['Implemented Security Procedures']},
 'threat_actor': 'Unauthorized Individual',
 'title': 'Unauthorized Access to Employee Email Account',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Weak or Compromised Credentials'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.