MSN reports an update on a breach first reported by The Record.
Confidential personal data of more than 240,000 people may have been stolen last year when a South Carolina credit union was hacked by a group called “Nitrogen,” according to a consumer affairs public disclosure notice.
Ten lawsuits against the SRP Federal Credit Union have also been filed in federal district court i
n South Carolina alleging major breaches in the credit union’s supposedly secure digital recor keeping system.
… The breach occurred between Sept. 5 and Nov. 4 and was undetected during that time, the lawsuits allege. And the credit union’s customers weren’t notified of the breach until Dec. 12, lawsuits allege.
Read more on MSN.

A check of Nitrogen’s dark web leak site reveals that the threat actors are trying to sell the stolen data for $400,000. They claim to have 650 GB of files that include customers’ full names, Social Security numbrs, date of birth, address, account numbers, credit rating. Data from a table is provided as proof of claims.