SAFE Credit Union

The California Office of the Attorney General disclosed on December 30, 2022, that SAFE Credit Union suffered a data breach affecting debit and credit card transactions conducted via ATMs between October 1, 2022, and November 23, 2022. The incident exposed sensitive payment details, including card numbers, cardholder names, and PINs, potentially enabling unauthorized access or fraudulent transactions. While the breach did not involve broader personal data (e.g., Social Security numbers or addresses), the compromise of financial credentials poses significant risks, such as account takeovers, unauthorized withdrawals, or identity theft for affected customers. The exposure of PINs further escalates the threat, as it eliminates a critical layer of authentication for ATM and point-of-sale transactions. SAFE Credit Union likely initiated mitigation measures, such as card reissuance, transaction monitoring, and customer notifications, but the incident underscores vulnerabilities in payment system security and the persistent targeting of financial institutions by cybercriminals. The breach’s scope spanning nearly two months highlights potential delays in detection, amplifying the window for exploitation.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-560555

TPRM report: https://www.rankiteo.com/company/safe-credit-union

"id": "saf004091825",
"linkid": "safe-credit-union",
"type": "Breach",
"date": "10/2022",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'California, USA',
                        'name': 'SAFE Credit Union',
                        'type': 'Credit Union'}],
 'data_breach': {'personally_identifiable_information': ['cardholder names'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['payment card data',
                                              'personal identification data']},
 'date_publicly_disclosed': '2022-12-30',
 'description': 'The California Office of the Attorney General reported that '
                'SAFE Credit Union experienced a data breach potentially '
                'compromising debit and credit card information during ATM '
                'transactions from October 1, 2022, to November 23, 2022. The '
                'exposed information may include card numbers, cardholder '
                'names, and PINs.',
 'impact': {'data_compromised': ['card numbers', 'cardholder names', 'PINs'],
            'identity_theft_risk': 'High (PINs and card details exposed)',
            'payment_information_risk': 'High (debit/credit card information '
                                        'exposed)',
            'systems_affected': ['ATM systems']},
 'references': [{'date_accessed': '2022-12-30',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'SAFE Credit Union Data Breach (2022)',
 'type': 'Data Breach'}

SAFE Credit Union

Alfa Bank and Ministry of Defense: Russia’s Crackdown on Probiv Data Leaks May Have Fed the Beast Instead

Coupang: Nomura downgrades Coupang to 'neutral' on data breach, regulatory risks

Dartmouth College, Harvard University, Princeton University, Columbia University and Clemson University: Why Cyberattacks in Higher Ed Keep Proliferating