MemberSource Data Breach: 50 GB of Data Stolen

MemberSource Credit Union, a credit union based in Houston, Texas, experienced a data breach on June 3, 2025, that exposed sensitive personal and financial information belonging to its members.

Approximately two weeks after the breach occurred, on June 17, 2025, a ransomware group known as Safepay publicly claimed responsibility for the breach. The group posted its claimed on the dark web that it had obtained 50 GB of data from the credit union.

The types of personal information exposed in the breach included names, Social Security numbers, driver's license or state identification numbers and financial account information.

The breach was disclosed to the California Attorney General on May 8, 2026.

The total number of individuals affected across the United States has not been publicly disclosed.

MemberSource Credit Union's response to the breach

MemberSource Credit Union sent notification letters to individuals whose information may have been affected by the ransomware attack.

In its notification, the credit union provided affected individuals with detailed guidance about the steps they can take to help protect their personal information. The notice explained how consumers can place fraud alerts and credit freezes with the three major credit reporting bureaus: TransUnion, Experian and Equifax.

The notification informed consumers about their right to file police reports if they experience identity theft or fraud.

MemberSource Credit Union can be reached by mail at 10100 Richmond Ave., Houston, TX 77042, or by phone at 713-627-4000. Phone support is available Monday through Friday from 9 a.m. to 5 p.m. and Saturday from 9 a.m. to 1 p.m. CST.

Steps to take if your information was exposed

• Place a credit freeze with all three credit bureaus by contacting Equifax (1-888-378-4329), Experian (1-888-397-3742) and TransUnion (1-800-916-8800) to prevent new accounts from being opened without authorization.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts or credit inquiries that are not recognized.
• Monitor financial accounts closely for unauthorized transactions, and report any suspicious activity to the relevant financial institution right away.
• Consider placing a fraud alert with one of the three major credit bureaus, which will notify the other two and require businesses to take steps to verify identity before extending new credit.
• Report any suspected identity theft to the FTC at IdentityTheft.gov or by calling 1-877-438-4338, and file a report with local law enforcement if needed.
• Be cautious of phishing attempts that reference MemberSource Credit Union or this data breach by name, as scammers often exploit breach notifications to trick people into sharing more personal information.