Ransomware victim disclosure
← All victimsMaine Highlands Federal Credit Union
Claimed by Frag · listed 1 year ago
Status timeline
- ListedMar 24, 2025
- Data leakeddate unknown
At a glance
- Group
- Frag
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Mar 24, 2025
About the victim
AI dossier — public-source company profileMaine Highlands Federal Credit Union (MHFCU) is a federally-chartered credit union serving Maine members since 1965 (60th anniversary noted in 2025). The institution offers personal and business banking services including savings accounts, checking accounts, credit cards, loans, mortgages, and digital banking services.
- Industry
- Financial Services – Credit Union
- Founded
- 1965
Attack summary
Severity: critical — Exfiltration of financial statements and employee PII (medical insurance data) from a regulated financial institution constitutes confirmed exposure of sensitive regulated data. Financial institutions are subject to strict regulatory oversight (NCUA), and employee medical records are protected health information.The frag group claims to have exfiltrated financial statements, employees' medical insurance documents, and corporate internal documents and agreements from Maine Highlands Federal Credit Union.
Data the group says was taken
AI dossier — extracted from the leak post- financial statements
- employee medical insurance documents
- corporate internal documents
- corporate agreements
What the group claims
[redacted]Our team was successful in extracting the following documents: Financial statements of the company Employees medical insurance documents Corporate internal documents and agreements
Sources
- Victim sitemhfcu.com
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

