FRAMINGHAM, Mass.—Another credit union has announced a cybersecurity breach that has put its members’ personal and financial information at risk. It is the second attack this week being attributed to the ransomware group Akira.
MWCFCU disclosed the data breach to the Massachusetts Attorney General’s office on Dec. 29. Effected individuals have been notified by mail.
According to the $139.8-million MetroWest Community Federal Credit Union, on Sept. 1 it began receiving alerts about suspicious activity on certain systems within its network. It was determined that on Sept. 3, 2025, an unauthorized party had accessed specific systems and copied files without permission, exposing personally identifiable information (PII) of at least 7,573 residents in Massachusetts and 65 in Rhode Island, ClaimDepot reported.
According to the report, the cybercriminal group known as Akira claimed responsibility for the attack, which they executed using ransomware and later publicized on the Tor network on Oct. 25, 2025. As the CU Daily reported here, Ellafi Credit Union in Meridian, Conn. has also reported a breach that has been attributed to the same organization.
‘Significant’ in Scope
This breach of MetroWest “significant in both scope and severity,” according to ClaimDepot.com. “The compromised data includes a wide range of personally identifiable information (PII): names, addresses, telephone numbers, Social Security numbers, full financial account numbers, debit card numbers and driver’s license numbers. The attackers also claimed to have obtained client documents such as driver’s licenses, birth and death certificates, financial and accounting records, court case information and employee personal files.
ClaimDepot said the Akira ransomware group’s method involved both data theft and system encryption, a tactic that increases pressure on organizations to pay a ransom. The incident was reported to law enforcement, including the Federal Bureau of Investigation, the report added.
How CU Has Responded
MetroWest Community FCU said it responded to the breach by immediately securing its systems and engaging cybersecurity experts to investigate the incident. The credit union said it is now working with law enforcement and continues to review the affected data to determine the full scope of the breach.
To support those affected, MetroWest is offering complimentary access to Experian IdentityWorks for 24 months.
