To report a cyber incident, credit unions may contact the NCUA through the following channels:
- Call the NCUA at 1.833.CYBERCU (1.833.292.3728) and leave a voicemail; or,
- Use the National Credit Union Administration Secure Email Message Center (opens new window) (You will be leaving NCUA.gov and accessing a non-NCUA website. We encourage you to read the NCUA's exit link policies. (opens new page).) to send a secure email to firstname.lastname@example.org.
Cyberattacks and cybersecurity vulnerabilities pose significant risks to the financial system. Because of vulnerabilities within the credit union industry and the broader financial system to potential cyberattacks, cybersecurity is one of the NCUA’s top supervisory priorities and a top-tier risk under the agency’s enterprise risk-management program. The information contained on the NCUA’s Cybersecurity Resource Center is offered as a resource for research and informational purposes to help credit unions improve their cyber resilience
The NCUA has made a good-faith effort to collect and post resources from the agency and those throughout the federal government and private sector. The content in this resource center may not reflect all of the requirements or guidance in the area of cyber and information security and should not be construed as requirements except as noted. The NCUA does not endorse any vendor, service, or product. When you access links on these webpages, you may leave the NCUA’s public website.
NCUA’s Information Security Examination & Cybersecurity Assessment Program
Learn how the NCUA’s examination program assesses potential cyber risks and works to build the credit union system’s resiliency.
NCUA’s ACET & Other Assessment Tools
Access the Automated Cybersecurity Evaluation Toolbox application that’s designed for credit unions to easily measure their own cybersecurity preparedness levels over time.
Supply Chain Risk Management
Find resources to assist you in identifying, assessing, and mitigating the risk associated with the global ecosystems for information and communications technology products and services distribution.
Cyber Incident Reporting
Provides information on when and how to report a catastrophic act or an incident of unauthorized access to sensitive information.
NCUA’s Regulations & Guidance
Find links to the NCUA’s Regulations related to information and cybersecurity, third-party relationships and business continuity along with related guidance letters and FFIEC IT Handbooks.