Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Fairmont Federal Credit Union 2023 data breach impacted 187K people

Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data. Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in West Virginia. It offers services like personal and business loans, mortgages, checking accounts, and financial aid, operating nine regional branches to serve its members. Fairmont Federal Credit […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data.

Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in West Virginia. It offers services like personal and business loans, mortgages, checking accounts, and financial aid, operating nine regional branches to serve its members.

Fairmont Federal Credit Union warned 187038 members that their data was stolen in a 2023 breach, exposing personal, financial, and medical details.

The organization discovered the security breach in January 2024 and investigated the incident until August 2025. The not-for-profit financial cooperative discovered that threat actors had already broken in months earlier, between late September and mid-October 2023, and stolen personal data.

“After an extensive investigation, we concluded on or about August 17, 2025 that one or more of the files accessed and/or acquired by the unauthorized party between September 30, 2023 and October 18, 2023 may contain personal information including, full name, date of birth, address, Social Security number, U.S. Alien registration number, passport number, driver’s license or state ID number, military ID number, Tax ID number, non-U.S. national identification number, financial account number, routing number, financial institution name, credit card/debit card number, security code/PIN number, credit card/debit card expiration date, IRS PIN number, treatment information/diagnosis, prescription information, provider name, MRN/patient ID, Medicare/Medicaid number, health insurance policy/subscriber number, other health insurance information, treatment cost information, full access credentials, security questions and answers, and digital signatures.” reads the data breach notification letter sent to the impacted individuals.

The exposed information varies for each individual, however in incident also exposed financial data such as card/debit card details.

FFCU says no fraud has been reported but recommends impacted individuals to stay vigilant. Starting Sept 11, 2025, the organization also offered guidance, free credit reports, and credit monitoring for those customers with exposed SSNs.

“To date, we are not aware of any reports of identity fraud as a direct result of this incident. Nevertheless, in response to the incident, we are offering complimentary access to Experian IdentityWorksSM for 12 or 24 months.” continues the Data Breach Notification sent to the Maine Attorney General. “If you believe there was fraudulent use of your information as a result of this incident and would like to discuss how you may be able to resolve those issues, please reach out to an Experian agent.”

FFCU did not share technical details about the attack, however the Black Basta ransomware group claimed responsibility for the security breach.

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. As of May 2024, Black Basta has impacted over 500 organizations worldwide.

In May 2024, the FBI, CISA, HHS, and MS-ISAC issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative.

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms.

In February 2025, leaked Black Basta chat logs reveal internal conflicts, exposing member details and hacking tools as the gang reportedly falls apart.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Fairmont Federal Credit Union)