Patelco cyberattack: CEO sees ‘light’ ahead, but still no timeline on returning to full operations 

Patelco Credit Union customers’ questions continue to mount as the Dublin-based financial institution enters its second week of slow recovery from a serious cyberattack. And while Patelco executives said Sunday they’re getting more answers internally, they remain tight-lipped about what exactly happened and when operations might return to normal. 

In the latest status update, Patelco CEO Erin Mendez again tried to reassure the credit union’s members that their money “is safe and secure” and that progress is being made “diligently toward full functionality” — although many online-based features are still unavailable and in-person, phone or internet customer support remains limited after a security breach reported on June 29.

“I am happy to report that we have stabilized our network and begun processing transactions,” Mendez stated on Sunday. “Once this is complete and we achieve full banking functionality, our members will be able to access their account balance and accounts as they typically would under normal circumstances.” 

“I can’t share an exact date when we will be back to business as usual, but we can see the light at the end of the tunnel. I will keep you updated as we make progress on that front, specifically,” Mendez added.

Online banking, the mobile app, new or edited auto-pay of bills, Zelle transfers, balance inquiries and digital check cashing are among the features still down after what the company described as a ransomware attack two Saturdays ago. Patelco officials said they proactively shut down such banking systems that day “in order to contain and remediate the issue.”

They have not publicly revealed any additional details about the circumstances of the breach, but they said they’ve “engaged a leading third-party cybersecurity forensic firm to help us to investigate and recover as soon as possible.”

Patelco branches, as well as its call center and live chat online, are available with limited functionality, according to its special security update webpage. The line at the branch on Willow Pass Road in Concord was nearly 20 customers deep outside the door about an hour after opening last Wednesday morning before the holiday.

Patelco credit card, debit card and outgoing wire transfers were also listed in the limited functionality category as of Sunday.

ATMs, direct deposit, in-person cash and check deposits, PayPal and Venmo transfers, automated clearing house (ACH) external transfers, ACH bill pay and previously scheduled bill auto pay are among the services available for customers as usual, according to Patelco.

The credit union has conveyed to its customers that their money and balances were not affected by the breach. 

Patelco said it is offering to cover any late fees connected to the cyberattack as well as not impose any penalties or fees on Patelco loan payments during the outage. Pending loan applications are paused, as Patelco said it cannot fund any new loans at this time.

“I know I’ve stated this to you before, but the restoration of our systems while ensuring their future security requires careful and methodical work,” Mendez said Sunday. “I know this may not be moving as quickly as you’d like, but please know we are working as quickly as we can and we know how critically important this is to our members.”

It remains unclear whether any law enforcement agencies are investigating the ransomware attack at this time. The California Department of Financial Protection and Innovation posted a brief alert on Tuesday about Patelco’s public announcement that included no information about the agency’s involvement in the response.

PG&E purchases Stoneridge Mall Road property from WorkdayFebruary 1, 2026 4:07 pm

Dublin man convicted of rapes while at UC Santa BarbaraJanuary 31, 2026 1:48 pm

IKEA plans to open new-concept store in PleasantonJanuary 29, 2026 8:51 pm