Idaho Central Credit Union has started informing some customers of two data breaches that impacted the financial institution

The first instance cropped up on November 5, 2019 when some suspicious behavior was noted. A breach was confirmed three days later, reported BoiseDev. A data breach notice was sent on February 6, 2020 after a two-month long investigation found the issue stemmed from a third-party mortgage portal used by the credit union’s employees. The information compromised included name, date of birth, Social Security number, financial account information, tax identification number, and information on borrowers, liability, assets, employment, and income, BoiseDev said.

The initial investigation then turned up a second incident associated with a staffer’s email account, which spurred a second inquiry. The extent of damage created by this breach was not disclosed, but the company said all those affected by both cases have been notified.