Connex Credit Union, one of Connecticut’s most prominent credit unions, has reported a significant data breach that has impacted approximately 172,000 of its members. This incident, which the organization discovered on June 3, 2025, involved unauthorized access to sensitive personal and financial information of its members, including names, account numbers, debit card details, Social Security numbers, and government IDs.
Founded in 1940, Connex operates as a member-owned non-profit with over $1 billion in assets, serving more than 70,000 members through its eight branches in the greater New Haven area. In correspondence with affected individuals filed with the Maine Attorney General’s office, Connex explained that the breach occurred during a short window of time between June 2 and June 3.
Despite the breach, Connex emphasized that there is currently no evidence to suggest that the attackers accessed members’ accounts or funds. However, in light of the incident, Connex has issued warnings to its members regarding potential phishing scams, urging them to be cautious of communications from individuals impersonating the credit union’s employees. Connex’s official website now displays a scam alert to inform members of ongoing attempts to exploit the incident.
As the investigation continues, the credit union joins a growing number of organizations that have faced similar breaches, particularly as cybercriminals target institutions using vishing and social engineering tactics. Recent reports indicate a notable increase in data breaches tied to groups such as ShinyHunters, which have impacted notable companies across various sectors, raising concerns about the growing risks associated with digital data security.