On November 26, an isolated cybersecurity incident struck Ongoing Operations, a unit of Trellance, impacting the operations of approximately 60 credit unions that are clients of the firm. In response to the incident, the vendor, Ongoing Operations, promptly took action and initiated an investigation. The company also informed federal law enforcement about the cyber attack.

Ongoing Operations released a statement on December 2, stating that they are actively reviewing the impacted data to determine the specific information that was affected and to identify the individuals to whom the information belonged. Meanwhile, Mountain Valley Federal, one of the affected credit unions, conveyed in a message to its members on December 4 that their data processing system remains non-operational.

In light of the situation, the National Credit Union Administration is actively coordinating with the affected credit unions. Despite the disruptions caused by the cyber attack, the administration notes that many credit unions have implemented alternative services to mitigate the impact of the ongoing outages. The extent of the breach and the potential implications for the affected credit unions are under scrutiny, and Ongoing Operations continues to collaborate with law enforcement agencies in addressing the aftermath of the ransomware attack.