Idaho Central Credit Union
has started informing some customers of two data breaches that impacted the
financial institution

The first instance cropped
up on November 5, 2019 when some suspicious behavior was noted. A breach was
confirmed three days later, reported BoiseDev.
A data breach notice was sent on February 6, 2020 after a two-month long investigation
found the issue stemmed from a third-party mortgage portal used by the credit
union’s employees. The information compromised included name, date of birth,
Social Security number, financial account information, tax identification
number, and information on borrowers, liability, assets, employment, and income,
BoiseDev said.

The initial investigation then
turned up a second incident associated with a staffer’s email account, which
spurred a second inquiry. The extent of damage created by this breach was not
disclosed, but the company said all those affected by both cases have been notified.