Through its lawyers, Pentagon Federal Credit Union (PenFed) has notified the New Hampshire Attorney General’s Office of a security breach.
According to a letter sent to the state on December 30, on December 12, PenFed discovered that a laptop had been infected with malware. The compromise allowed access to a database containing names, addresses, Social Security Numbers, credit card and/or debit card numbers, and PenFed account numbers for PenFed members, joint owners, former members, employees, and beneficiaries. No PINs or passwords were accessed or acquired.
Although the total number of individuals affected was not indicated, 514 residents of New Hampshire were among those affected.
While some might sneer at the fact that a laptop got infected with malware, I’m somewhat impressed with how quickly PenFed secured the system, identified how the access and acquisition of data occurred, prevented a recurrence, and arranged to set out notifications – all within a 3-week period that included the Christmas and New Year’s holidays.