An independent cybersecurity review across major Texas credit unions reveals a wide range of results. These institutions hold members’ financial and personal data, yet many show gaps in basic email authentication.
Using data from audit.emailmenow.com, we evaluated each institution’s domain across SPF, DKIM, DMARC, transport security, and website security headers.
Cybersecurity Scores of Major Texas Credit Unions
Overall compliance scores from audit.emailmenow.com, measured June 2, 2026. Re-run any domain at the link to verify.
| Rank | Credit Union | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | Credit Human | credithuman.com | 74% | Strong |
| 2 | Amplify Credit Union | amplifycu.org | 70% | Strong |
| 3 | Neighborhood Credit Union | myncu.com | 66% | Good |
| 4 | TDECU | tdecu.org | 65% | Good |
| 5 | A+ Federal Credit Union | aplusfcu.org | 64% | Good |
| 5 | Texans Credit Union | texanscu.org | 64% | Good |
| 7 | Randolph-Brooks FCU (RBFCU) | rbfcu.org | 60% | Above Average |
| 7 | MemberSource Credit Union | membersourcecu.org | 60% | Above Average |
| 9 | University FCU (UFCU) | ufcu.org | 58% | Average |
| 10 | Security Service FCU | ssfcu.org | 54% | Average |
| 11 | Greater Texas Credit Union | gtfcu.org | 52% | Below Average |
| 11 | Firstmark Credit Union | firstmarkcu.org | 52% | Below Average |
| 13 | Texas Trust Credit Union | texastrustcu.org | 44% | Weak |
| 13 | DATCU | datcu.org | 44% | Weak |
| 15 | InTouch Credit Union | intouchcu.org | 33% | Weakest |
What the Results Reveal
- Scores span 74% down to 33%, and no institution reaches a strong (85%+) posture — every credit union here has room to harden email authentication.
- MemberSource Credit Union (60%) sits mid-pack — and was the subject of a 2026 breach affecting 22,000+ Texans (see our coverage) — a reminder that “average” email security still leaves members exposed.
- GLBA and the FTC Safeguards Rule require documented safeguards; enforced DMARC, strict SPF, and DKIM signing are the fastest gaps to close.
Why This Matters for Financial Institutions
GLBA and the FTC Safeguards Rule require documented safeguards for members’ nonpublic personal information. Weak email authentication enables impersonation, phishing, and fraudulent transfer requests targeting members and staff.
See also — national audit
Recommendations for Credit Unions
- Enforce DMARC, strict SPF, and DKIM signing.
- Add MTA-STS, DNSSEC, and website security headers.
- Maintain a documented safeguards program and recurring security awareness training.
Protect your members. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=financial-advisors.
Contact EmailMeNow IT Consulting for help with safeguards documentation and email hardening.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com, measured June 2, 2026 — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.