Pennsylvania Credit Union Reports Data Security Incident

The $1.4 billion First Commonwealth Federal Credit Union in Allentown, Pa., said it had a data security incident that impacted the personal and account information of more than 98,000 current and former members.

The credit union’s notice that was sent to the office of Maine’s Attorney General reported that the data security incident affected 98,809 persons, including 28 Maine residents. While the credit union posted a notice about this incident on its website’s home page on Aug. 2, the notice did not include the number of persons that may have been affected.

First Commonwealth currently serves 94,198 members, according to the NCUA.

“On June 27, 2024, First Commonwealth discovered unusual network activity. In response, it immediately took steps to contain it and initiated an investigation with the assistance of independent cybersecurity experts,” the credit union said in a prepared statement posted on its website’s home page. “The investigation revealed that an unknown actor gained access to and obtained data from the First Commonwealth network without authorization on or around June 26, 2024.”

That data may have included the names, addresses, Social Security numbers, dates of birth, or account numbers of current and former members, but the credit union said it is not aware of any evidence that any members’ personal information was misused.

First Commonwealth has established a toll-free phone number, 1-888-461-3349, for members/former members to contact call center representatives with questions about the incident and to address related concerns.

“The privacy and protection of personal information is a top priority for First Commonwealth, which deeply regrets any inconvenience or concern this incident may cause,” the credit union said in a prepared statement.