Ransomware victim disclosure
← All victimsHeritage South Credit Union
Claimed by Embargo · listed 1 year ago
Status timeline
- ListedFeb 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Embargo
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Feb 14, 2025
- Data size
- 300 GB
- Ransom demanded
- $160M
About the victim
AI dossier — public-source company profileHeritage South Credit Union was chartered in 1937 as the Avondale Employees Federal Credit Union and has operated under its current name for many years. It serves over 14,000 members across Sylacauga, Childersburg, Moody, and Alexander City in Alabama, with over $160 million in assets.
- Industry
- Financial Services – Credit Union
- Founded
- 1937
Attack summary
Severity: critical — Confirmed large-scale exfiltration of highly regulated personal and financial data (PII, SSNs, account credentials, balances) affecting 14,000+ credit union members, representing clear regulatory violations and identity theft risk.The Embargo group claims to have exfiltrated 300 GB of data from Heritage South Credit Union, including comprehensive member financial and personal information. The group has published the data and is demanding a $160 million ransom.
Data the group says was taken
AI dossier — extracted from the leak post- debit card numbers
- account numbers
- social security numbers
- addresses
- phone numbers
- email addresses
- dates of birth
- current account balances
- debt records
- loan records
- insurance information
- executive personal data
What the group claims
Heritage South Credit Union was originally chartered in 1937 as the Avondale Employees Federal Credit Union. After many years and a couple of name changes, Heritage South Credit Union continues to have a strong presence in Sylacauga, Childersburg, Moody, and Alexander City as a fixture in the community and as a stable and secure financial institution. Heritage South Credit Union has grown to over $160 million in assets and over 14,000+ members. - 300 GB data including: - debit card numbers - account numbers - SSN - address - phone - email - DOB - current balances - debts - loans - insurance Here's data for CEO: ...
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

