Cyber Incident Victim: Credit Union of Southern California
Date: Jan 2023
Location: United States of America
Summary
A financial institution experienced unauthorized access to an employee email account during a merger process, compromising emails and attachments containing confidential customer information. The breach was detected through suspicious activity, prompting the organization to secure the account and engage third-party specialists for investigation. Unauthorized access occurred over a period surrounding the merger integration, exposing sensitive consumer data. After confirming the scope of affected information, the credit union notified impacted individuals of the security incident. The entity involved serves over 140,000 customers across multiple Southern California counties.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 31, 2023, Credit Union of Southern California (CU SoCal) detected suspicious activity within an email account belonging to an employee of California Bear Credit Union (CalBear), during the final stages of merging the two institutions. The unauthorized access occurred between January 11 and January 31, 2023, ending one day before the scheduled full integration of CU SoCal and CalBear. CU SoCal immediately secured the compromised email account and engaged third-party data security specialists to investigate the incident. By February 8, 2023, investigators confirmed the unauthorized party had accessed emails and attachments containing confidential customer information. The forensic review determined the breach impacted specific customers whose data resided in the affected email account, though CU SoCal did not publicly disclose the exact data types exposed.

CU SoCal completed its analysis of the compromised files on March 16, 2023, identifying affected individuals and the scope of exposed information. On May 18, 2023, the credit union filed a breach notice with Vermont’s Attorney General and mailed notification letters to impacted customers. The breach originated from a CalBear employee’s email account prior to the merger’s completion, exposing sensitive customer data during the 20-day access period. CU SoCal’s response included securing the account, conducting a forensic investigation, and implementing customer notifications 107 days after confirming the breach. The incident involved confidential customer information but did not disrupt the operations of the merged entity, which serves over 140,000 members across Southern California and has $110 million in annual revenue.
