08.08.2025
2 min
527
Connex Credit Union, one of Connecticut’s largest credit unions, reported that the personal and financial information of 172,000 customers was compromised in a cyberattack that occurred June 2-3, 2025.
The incident was discovered on June 3, when Connex reported unauthorized access to files containing names, account numbers, debit card information, Social Security numbers and government IDs. While no evidence of access to funds or accounts was found, the organization posted a warning on its website about active phishing calls and alerts from scammers posing as Connex employees.
Official notices were sent to victims by mail and the incident was reported to the Maine Attorney General’s Office. Connex urges you to ignore any requests to share your PIN, password or account number over the phone or via text message.
Connex Credit Union has been in business since 1940, serves more than 70,000 members through 8 branches in the New Haven, Hartford, Middlesex and Fairfield areas, and has more than $1 billion in assets. The breach comes amid a wave of attacks linked to the ShinyHunters group, which specializes in Salesforce hacking and social engineering, as well as an increase in activity by the Scattered Spider group, which has recently targeted financial and retail companies.
The Connex cyber incident highlights the vulnerability of even large and established credit organizations to targeted attacks. Customers should be especially vigilant for suspicious communications and regularly check their accounts, and financial institutions should strengthen their defenses against phishing and social engineering.
