Connex, one of Connecticut's largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June.

Founded in 1940, this member-owned organization is a non-profit with over $1 billion in assets, providing banking, insurance, and credit card services to more than 70,000 members across eight branches throughout the greater New Haven area, including New Haven, Hartford, Middlesex, and Fairfield counties.

In data breach notification letters sent to affected individuals via U.S. Mail and filed with the office of Maine's Attorney General, Connex states that it discovered the incident on June 3, one day after its network was breached.

"The investigation revealed that certain files may have been accessed or downloaded without authorization between June 2 and 3, 2025," it said. "On July 27, 2025, Connex identified certain individuals whose personal information may have been involved in the incident."

The non-profit has yet to find evidence that the attackers gained access to the affected members' funds or accounts, but has discovered that they stole a combination of personal and financial data, including names, account numbers, debit card information, Social Security numbers, and government IDs.

While the breach notification letters don't mention anything about the stolen data being used in attacks, Connex now displays a scam alert on its official websites, cautioning members of scammers impersonating its employees in ongoing phishing attacks.

"Please be aware that scammers are calling/texting members impersonating Connex employees. Connex will never call you and ask for PINs, passcodes, or account numbers," Connex warns. "If you receive a suspicious call or text, hang up and call us directly at 1-800-CR-UNION (203-603-5700)."

The disclosure comes on the heels of a wave of data breaches linked to the ShinyHunters extortion group, which targets Salesforce instances in vishing and social engineering attacks, impacting many high-profile companies, including Allianz Life, Adidas, Qantas, Louis Vuitton, Dior, Tiffany & Co., Chanel, and Google.

The insurance sector has also been targeted by attacks linked to the Scattered Spider hacker collective, which has shifted its focus to aviation firms and retail companies in recent months.