Strauss Borrelli PLLC, a leading data breach law firm, is investigating Texas Dow Employees Credit Union (“TDECU”), regarding its recent data breach. The TDECU data breach may have involved sensitive personal identifiable information belonging to over 500,000 individuals.
ABOUT TEXAS DOW EMPLOYEES CREDIT UNION:
TDECU is a full-service credit union based in Texas. Founded in 1955, TDECU offers a variety of financial products and services to businesses and individuals, including checking and savings accounts, credit cards, money market accounts, CDs, mortgages, auto and personal loans, investment management services, and insurance products. Today, TDECU has over 385,000 members and more than $4.8 billion in assets.3 Headquartered in Lake Jackson, Texas, TDECU has 38 additional locations throughout Texas and employs over 1,000 individuals.
WHAT HAPPENED?
Recently, TDECU announced that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed and acquired. According to the breach notice, TDECU was notified by a third-party vendor used by TDECU to transfer data, MOVEit, that they were compromised by a bad actor on or around May 31, 2023.1 As a result, TDECU launched an investigation to determine the nature of the incident.
Through its investigation, TDECU learned that sensitive personal information belonging to TDECU members may have been viewed and taken by an unauthorized actor through a vulnerability in the MOVEit software between May 29 and May 31, 2023. As a result, TDECU began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Driver’s license number
- Government ID and taxpayer identification number
- Financial information (e.g., bank/financial account number, credit and/or debit card number)
As a result of the data breach, TDECU posted a notice of the incident on its website. Additionally, on August 23, 2024, TDECU mailed data breach notification letters to impacted individuals. Based on the breach notice on its website, TDECU will be providing affected individuals with a list of the specific type of sensitive information impacted and, in some cases, complementary credit monitoring services. A link to the breach notification letter that TDECU posted on its website below.
If you received a breach notification letter from Texas Dow Employees Credit Union:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.