Data Breach Hits Mainstreet FCU

CEO reveals a merchant data breach produces $200,000 in fraudulent purchases.

By Tina Orem | October 15, 2015 at 09:14 AM

A data breach compromised information belonging to about 300 members of the Lenexa, Kan.-based Mainstreet Federal Credit Union, according to President/CEO John Beverlin.

Beverlin told CU Times hackers did not break into the credit union's systems and that the fraudsters likely purchased members' information somewhere online. Now the criminals are trying to capitalize on it, he said, and they've rung up more than $200,000 in fraudulent charges so far.

"Our systems were not hacked," Beverlin emphasized. "They're using data that they evidently received through a merchant breach. All the transactions, the monetary ones, are through some place in Shanghai, China."

Beverlin said card services notified the $378 million credit union, which has about 58,000 members, of suspicious activity on Columbus Day.

"We were able, starting Tuesday morning, to see what the issues were and of course we had people that had noticed themselves who were calling," he said.

The credit union is still determining the source of the breach and whether it can tie the affected accounts back to a specific retailer, according to Beverlin.

Mainstreet FCU purchased cyberliability insurance earlier this year, Beverlin said, though he added he's unsure how that will come into play if the credit union itself wasn't hacked.

"It wasn't a data breach here, but we do have bond coverage for card losses," he said.

Members appear to be taking the situation in stride.

"They're very understanding, being very patient," he said. "We have made sure that until we get all these transactions credited back – that we are not returning checks for members, charging them fees, that type of thing."

How the criminals got the information is still a mystery, though.

"You never know if it's one of the major breaches that has already occurred and they bought our member data – or it's a breach somebody hasn't discovered yet," Beverlin said.

NOT FOR REPRINT

1 Current & Former Credit Union Leaders React to Trump's Executive Order Impacting the NCUA

2 CFPB Credit Union Council Disbanded

3 Credit Union Talent Joins the C-Suite at Members 1st & Red Canoe CU

4 Senators Reintroduce Credit Union Board Modernization Act

5 CU Experts See NCUA’s Independence Fading With Executive Order

GlobeSt. Multifamily Spring 2025
April 01, 2025 - New York

Join the industry's top owners, investors, developers, brokers & financiers at THE MULTIFAMILY EVENT OF THE YEAR!
More Information
GlobeSt. Net Lease Spring 2025
April 01, 2025 - New York

This conference brings together the industry's most influential & knowledgeable real estate executives from the net lease sector.
More Information
Consulting
The Rising Stars of the Profession 2025
April 03, 2025 - Chicago

Consulting magazine is proud to recognize this unique group of movers & shakers at our annual Rising Stars of Profession awards.
More Information