Cyber Incident Victim: Southwest Federal Credit Union

On January 20, 2023, Members Trust of the Southwest Federal Credit Union filed a data breach notification with the Texas Attorney General’s office after confirming unauthorized access to customer information. The Houston-based financial institution discovered a cyber threat that prompted an investigation, revealing that an unauthorized party had accessed sensitive consumer data. The compromised information included names, addresses, Social Security numbers, driver’s license numbers, financial account details, and protected health information. While the exact timeline of the breach discovery wasn’t disclosed, the credit union initiated a review of affected files to identify impacted individuals and determine the scope of compromised data. Members Trust did not publicly disclose the attack vector or whether the breach resulted from external hacking, insider threats, or system vulnerabilities.

The credit union began mailing notification letters to affected customers on January 20, 2023, though it did not issue a public press release or website notice at that time. Texas authorities confirmed at least 6,800 affected residents in the state, though the total number of victims across other jurisdictions remains unspecified. Impacted individuals faced exposure of multiple high-risk data categories that could facilitate identity theft and financial fraud. Members Trust did not describe specific containment measures, remediation efforts, or system security enhancements implemented post-breach. The incident exposed customers of the 87-year-old institution, which operates two Texas branches and manages approximately $11 million in annual revenue, to long-term identity protection risks given the permanent nature of compromised identifiers like Social Security numbers.