On July 18, 2025, Venture Credit Union Co-operative Society Ltd faced a ransomware attack attributed to the Russia-linked Qilin ransomware group. The group claimed responsibility for the incident, warning of a potential large-scale data leak unless negotiations commenced through specified channels.
Following the attack, Visa Debit Card Services experienced disruptions, rendering them unavailable for several days as the credit union worked to restore its systems. Fortunately, by July 21, 2025, the credit union announced that it had fully recovered from the incident, thanks to the rapid response from its ICT team.
By August 13-14, 2025, Venture Credit Union confirmed that its core banking data, including account balances and transaction details, remained secure. However, it acknowledged that some personally identifiable information (PII) had been leaked, and it was in the process of assessing the scope of the breach. Affected members would be contacted directly.
The leaked data reportedly included sensitive personal documents such as national ID cards and utility bills. Cybersecurity experts have raised alarms over the potential risks posed by this breach, emphasizing that even if core financial systems were restored, the leaked PII could lead to identity theft and fraud.
In light of this incident, members are advised to monitor their accounts closely and remain vigilant for any signs of unauthorized activity. Communications from the credit union should be verified to ensure they are legitimate. Venture Credit Union has committed to directly reaching out to those affected by the breach, urging members to stay alert for official contact from the organization.
