Connex Credit Union, one of Connecticut’s largest financial institutions, has disclosed a significant data breach affecting an estimated 172,000 individuals. The credit union, which serves over 70,000 members, confirmed that an unauthorized third party accessed and downloaded sensitive files from its network.
The breach was first detected on June 3, 2025, after unusual activity was identified on the network. A subsequent forensic investigation revealed that hackers had access to the systems between June 2 and June 3. While Connex did not discover which specific individuals were impacted until July 27, affected members began receiving notification letters on or around August 7.
The compromised data includes a combination of personal and financial information, such as names, account numbers, debit card details, Social Security numbers, and government-issued IDs. Connex has stated there is no evidence of unauthorized access to members’ accounts or funds, but the exposure of this sensitive data raises serious concerns about the potential for identity theft and fraud.
In response to the incident, Connex is offering one year of complimentary credit monitoring and identity protection services to all affected individuals. The credit union has also posted a scam alert on its website, warning members about ongoing phishing attempts where scammers impersonate Connex employees to obtain personal information. The alert urges members to be cautious and to never provide sensitive details like PINs or passcodes over the phone.
The delay between the discovery of the breach in early June and the notification of affected members in August has prompted several law firms to launch investigations. They are exploring potential class-action lawsuits on behalf of victims, arguing that the credit union’s delayed notification may have violated state and federal laws and that members may be entitled to compensation for damages such as time spent dealing with the breach, out-of-pocket costs, and emotional distress.
Connex Credit Union, which manages over $1 billion in assets and serves communities in New Haven, Hartford, Middlesex, and Fairfield counties, is working with law enforcement and cybersecurity experts to investigate the attack and enhance its security protocols. Members are advised to remain vigilant, monitor their accounts for suspicious activity, and enroll in the free credit monitoring services provided by Connex.
