MemberSource Credit Union, a Houston-based credit union with multiple branches in Texas, has disclosed a data breach affecting 22,308 Texans.
The breach occurred on June 3, 2025, when unauthorized actors gained access to the credit union’s network and exfiltrated sensitive member data. The SafePay ransomware group later claimed responsibility for the attack.
What Data Was Exposed?
The following unencrypted data was accessed and stolen:
- Names
- Social Security numbers
- Driver’s license or state identification numbers
- Financial account information
Because the data was stored in unencrypted form, it was immediately usable by the attackers.

Delayed Notification
Although the incident occurred in June 2025, MemberSource did not begin notifying affected members until May 7, 2026 — nearly 11 months later. Notification letters were mailed after a lengthy review process to identify all impacted individuals.
The breach has been reported to the Texas Attorney General and is listed in the state’s official Data Security Breach Reports.

Independent Cybersecurity Audit
An EmailMeNow Cybersecurity Audit of membersourcecu.org on June 21, 2026 scored the credit union’s primary domain at 60% (High Risk) — at the lower end of passing email-authentication posture and consistent with gaps that make phishing and impersonation easier after a breach.
| Organization (Domain) | Overall | Risk Level |
|---|---|---|
| MemberSource Credit Union (membersourcecu.org) | 60% | High Risk |
Unencrypted member data in storage and weak public-domain email controls are separate problems, but both increase harm when attackers already have network access.
Audit link: membersourcecu.org audit
Why This Breach Matters
This incident highlights several important issues for Texas organizations:
- Storing sensitive personal and financial data in unencrypted form significantly increases risk.
- Long delays between breach discovery and member notification can worsen harm to affected individuals.
- Weak email security controls make organizations more vulnerable to impersonation and phishing campaigns.

Recommendations for Organizations
- Regularly audit your email security (SPF, DKIM, DMARC) and overall domain posture.
- Ensure sensitive data is properly encrypted both at rest and in transit.
- Develop and test a formal incident response plan, including timely notification procedures.
- Consider ongoing security awareness training to reduce the risk of successful social engineering attacks.
Related trackers
- Texas OAG YTD dashboard
- Healthcare AG breach tracker
- Law firm breach tracker
- Financial services tracker
- Monitoring guide
- CA June roundup
- TX June roundup
- WA May roundup
- TX Parks breach
- Have I Been Pwned
- All trackers
Protect your organization and clients.
Run a free Instant Cybersecurity Audit at audit.emailmenow.com to evaluate your email security, encryption readiness, and overall compliance posture.
Contact EmailMeNow IT Consulting for help with security assessments, incident response planning, and email security hardening.
Source: MemberSource CU Breach Exposes Unencrypted Data of 22,000 Persons – CU Times · EmailMeNow audit — membersourcecu.org