Connex Credit Union, one of the largest financial cooperatives in Connecticut, has alerted tens of thousands of its members that their personal and financial information may have been compromised due to a cyberattack that breached its systems in early June.
Established in 1940, Connex operates as a non-profit, member-owned entity with over $1 billion in assets. It provides a suite of banking services—including insurance and credit cards—to more than 70,000 members across eight branches in the greater New Haven region, which encompasses New Haven, Hartford, Middlesex, and Fairfield counties.
According to data breach notification letters recently sent to affected individuals via U.S. Mail and submitted to Maine’s Attorney General, Connex first detected the breach on June 3, one day after its systems were compromised. The letter states, “The investigation revealed that certain files may have been accessed or downloaded without authorization between June 2 and June 3, 2025.” Furthermore, it was reported on July 27, 2025, that specific individuals’ personal data might be involved.
While Connex has yet to find evidence suggesting that attackers accessed members’ accounts or funds, it has confirmed the theft of a range of sensitive personal and financial information, including names, account numbers, debit card details, Social Security numbers, and government-issued identification numbers.
The breach notification did not specify any instances of the stolen data being used in future attacks. However, Connex currently highlights a scam alert on its official website, warning members about ongoing phishing campaigns where scammers impersonate credit union employees. The organization cautions, “Connex will never call you asking for PINs, passcodes, or account numbers.” Members are encouraged to hang up on suspicious calls and contact Connex directly at 1-800-CR-UNION (203-603-5700).
This incident comes amid a broader trend of data breaches linked to various threat actors targeting financial institutions. Recent reports indicate a significant uptick in attacks executed by the ShinyHunters extortion group, known for utilizing techniques such as vishing and social engineering to compromise sensitive information from prominent companies, including Allianz Life, Adidas, Qantas, Louis Vuitton, and Dior.
Further complicating matters, the insurance sector has recently seen its share of targeted attacks tied to the Scattered Spider hacker collective. This group has shifted its focus towards aviation and retail sectors, potentially indicating evolving tactics and targets within the cybersecurity landscape.
With the latest incident at Connex, it is crucial for business owners to be vigilant in their cybersecurity strategies. MITRE ATT&CK framework provides valuable insights into possible adversary tactics utilized, which may include techniques for initial access, such as spear-phishing or exploitation of web applications, as well as methods for maintaining persistence within compromised networks. Business leaders must continue to prioritize risk management and invest in robust security measures to guard against emerging threats.
