SFCU
Company Details
Linkedin ID:
sf-fire-credit-union
Website:
Employees number:
115
Number of followers:
8,247
NAICS:
52
Industry Type:
Homepage:
sffirecu.org
IP Addresses:
17
Company ID:
SF _1570491
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
SF Fire Credit Union Vendor Cyber Rating & Cyber Score
sffirecu.orgFounded in 1951 by firefighters for firefighters, we are a credit union dedicated to building financial success in our community. Today, we continue to serve firefighters while also extending membership to those who live, work, or attend school in San Francisco, San Mateo, or Marin counties. Just as firefighters protect the physical security of the community, our institution protects its financial security. Unlike banks, we are a not-for-profit cooperative owned and operated by members like you. We are defined by our commitment to member-first service, community engagement, and innovation.
SF Fire Credit Union A.I CyberSecurity Scoring
SFCU Risk Score (AI oriented)Between 650 and 699
SFCU
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SFCU Global Score (TPRM)XXXX
SFCU
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SFCU Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
SF Fire Credit Union
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: SF Fire Credit Union suffered a data breach after the organization experienced a data security incident impacting the sensitive information of certain members. The breach compromised the names, credit card numbers, CVV numbers, card expiration dates, and PIN numbers of certain individuals. SF Fire Credit Union notified the affected individuals and offered all affected members with a one-time deposit of $120 to their account, which they can use to pay for credit monitoring if they choose to.
San Francisco Fire Credit Union
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving San Francisco Fire Credit Union (CU) on August 30, 2022. The breach occurred during multiple incidents between July 2, 2022, and August 8, 2022, involving the compromising of ATM card information, including names, card numbers, CVV numbers, and PINs. Approximately 11 individuals were affected, although the notification did not specify the exact number.
SF Fire Credit Union
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving SF Fire Credit Union on January 20, 2012. The breach occurred on December 29, 2011, when a laptop containing personal information, including names and Social Security Numbers, was stolen. The number of individuals affected is not specified.
SFCU Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SFCU
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for SF Fire Credit Union in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for SF Fire Credit Union in 2026.
Incident Types SFCU vs Financial Services Industry Avg (This Year)
No incidents recorded for SF Fire Credit Union in 2026.
Incident History — SFCU (X = Date, Y = Severity)
SFCU cyber incidents detection timeline including parent company and subsidiaries
SFCU Company Subsidiaries
Founded in 1951 by firefighters for firefighters, we are a credit union dedicated to building financial success in our community. Today, we continue to serve firefighters while also extending membership to those who live, work, or attend school in San Francisco, San Mateo, or Marin counties. Just as firefighters protect the physical security of the community, our institution protects its financial security. Unlike banks, we are a not-for-profit cooperative owned and operated by members like you. We are defined by our commitment to member-first service, community engagement, and innovation.
Loading...
SFCU Similar Companies
HDB Financial Services (HDBFS) is a leading Non-Banking Financial Company (NBFC) that caters to the growing needs of an Aspirational India, serving both Individual & Business Clients The lines of business include - Lending and BPO Services. Incorporated in 2007, HDB is a well-established business wi
Founded in the year 2000, the Indiabulls Group is one of the country’s leading business houses with interest across sectors like financial services, real estate, pharmaceutical and LED. Headquartered in Gurgaon, all the group companies are listed on the Bombay Stock Exchange, and the National Stock
BB&T
We’d love to stay connected with you! Please follow our Truist company page and unfollow this page which is no longer active. BB&T and SunTrust formed Truist with a shared purpose—to inspire and build better lives and communities. With our combined resources, collective passion, and commitment to i
Old Mutual Limited is a listed company on the Johannesburg Stock Exchange and has secondary listings on the London, Malawi, Namibia and Zimbabwe stock exchanges. As a Pan-African financial services company, we are focused on Africa, her needs and her people. Together with you, we have educated our
Piramal Finance
Piramal Finance Limited (Formerly known as Piramal Capital & Housing Finance Limited), is engaged in financial services business. It provides both wholesale and retail funding opportunities within real estate and non-real estate sectors. We value your feedback, queries, and requests and always lo
Broadridge
Broadridge Financial Solutions (NYSE: BR) is a global technology leader with the trusted expertise and transformative technology to help clients and the financial services industry operate, innovate, and grow. We power investing, governance, and communications for our clients – driving operational r
Capital Group
Capital Group was established in 1931 in Los Angeles, California, and now has 31 offices around the globe. For over 90 years we've provided carefully researched investment solutions and services to financial professionals. *** We've been made aware of an employment scam fraudulently using Capital G
JPMorganChase
With a history tracing its roots to 1799 in New York City, JPMorganChase is one of the world's oldest, largest, and best-known financial institutions—carrying forth the innovative spirit of our heritage firms in global operations across 100 markets. We serve millions of customers and many of the w
Pru Life UK
With 29 years of operations in the Philippines, we have the largest agency force of more than 39,000 licensed financial advisers ready to listen, understand and deliver. We are an innovative force in the life insurance industry who pioneered investment-linked or unit-linked insurance in the Philippi
.png)
SFCU CyberSecurity News
December 10, 2025 08:00 AM
San Francisco fire stations let it snow with return of decoration contest
San Francisco firefighters will light up their stations and compete for charity in a contest with roots in the 1940s that sometimes brings...
August 26, 2020 07:00 AM
Mazuma Credit Union CEO Brandon Michaels to lead Houston's JSC FCU
Brandon Michaels, CEO of $664 million Mazuma Credit Union, Overland Park, Kan., this week said he will resign his post effective Aug. 23 to take the role of...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SFCU CyberSecurity History Information
Official Website of SF Fire Credit Union
The official website of SF Fire Credit Union is http://www.sffirecu.org.
SF Fire Credit Union’s AI-Generated Cybersecurity Score
According to Rankiteo, SF Fire Credit Union’s AI-generated cybersecurity score is 690, reflecting their Weak security posture.
How many security badges does SF Fire Credit Union’ have ?
According to Rankiteo, SF Fire Credit Union currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has SF Fire Credit Union been affected by any supply chain cyber incidents ?
According to Rankiteo, SF Fire Credit Union has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does SF Fire Credit Union have SOC 2 Type 1 certification ?
According to Rankiteo, SF Fire Credit Union is not certified under SOC 2 Type 1.
Does SF Fire Credit Union have SOC 2 Type 2 certification ?
According to Rankiteo, SF Fire Credit Union does not hold a SOC 2 Type 2 certification.
Does SF Fire Credit Union comply with GDPR ?
According to Rankiteo, SF Fire Credit Union is not listed as GDPR compliant.
Does SF Fire Credit Union have PCI DSS certification ?
According to Rankiteo, SF Fire Credit Union does not currently maintain PCI DSS compliance.
Does SF Fire Credit Union comply with HIPAA ?
According to Rankiteo, SF Fire Credit Union is not compliant with HIPAA regulations.
Does SF Fire Credit Union have ISO 27001 certification ?
According to Rankiteo,SF Fire Credit Union is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of SF Fire Credit Union
SF Fire Credit Union operates primarily in the Financial Services industry.
Number of Employees at SF Fire Credit Union
SF Fire Credit Union employs approximately 115 people worldwide.
Subsidiaries Owned by SF Fire Credit Union
SF Fire Credit Union presently has no subsidiaries across any sectors.
SF Fire Credit Union’s LinkedIn Followers
SF Fire Credit Union’s official LinkedIn profile has approximately 8,247 followers.
NAICS Classification of SF Fire Credit Union
SF Fire Credit Union is classified under the NAICS code 52, which corresponds to Finance and Insurance.
SF Fire Credit Union’s Presence on Crunchbase
No, SF Fire Credit Union does not have a profile on Crunchbase.
SF Fire Credit Union’s Presence on LinkedIn
Yes, SF Fire Credit Union maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sf-fire-credit-union.
Cybersecurity Incidents Involving SF Fire Credit Union
As of April 04, 2026, Rankiteo reports that SF Fire Credit Union has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
SF Fire Credit Union has an estimated 31,558 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at SF Fire Credit Union ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does SF Fire Credit Union detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with offered $120 deposit for credit monitoring, and communication strategy with notified affected individuals..
Incident Details
Can you provide details on each incident ?
Title: Data Breach at SF Fire Credit Union
Description: SF Fire Credit Union suffered a data breach after the organization experienced a data security incident impacting the sensitive information of certain members. The breach compromised the names, credit card numbers, CVV numbers, card expiration dates, and PIN numbers of certain individuals. SF Fire Credit Union notified the affected individuals and offered all affected members with a one-time deposit of $120 to their account, which they can use to pay for credit monitoring if they choose to.
Type: Data Breach
Title: San Francisco Fire Credit Union Data Breach
Description: The California Office of the Attorney General reported a data breach involving San Francisco Fire Credit Union (CU) on August 30, 2022. The breach occurred during multiple incidents between July 2, 2022, and August 8, 2022, involving the compromising of ATM card information, including names, card numbers, CVV numbers, and PINs. Approximately 11 individuals were affected, although the notification did not specify the exact number.
Date Detected: 2022-08-30
Date Publicly Disclosed: 2022-08-30
Type: Data Breach
Attack Vector: Compromised ATM card information
Title: Data Breach at SF Fire Credit Union and Pacifica-Coastside Credit Union
Description: A laptop containing personal information, including names and Social Security Numbers, was stolen.
Date Detected: 2012-01-20
Date Publicly Disclosed: 2012-01-20
Type: Data Breach
Attack Vector: Physical Theft
Vulnerability Exploited: Lack of Physical Security
Threat Actor: Unknown
Motivation: Unknown
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SFF1912151122
Data Compromised: Names, Credit card numbers, Cvv numbers, Card expiration dates, Pin numbers
Incident : Data Breach SF-922072525
Data Compromised: Names, Card numbers, Cvv numbers, Pins
Incident : Data Breach SF-457072725
Data Compromised: Names, Social security numbers
Systems Affected: Laptop
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Credit Card Numbers, Cvv Numbers, Card Expiration Dates, Pin Numbers, , Names, Card Numbers, Cvv Numbers, Pins, , Names, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach SFF1912151122
Entity Name: SF Fire Credit Union
Entity Type: Credit Union
Industry: Financial Services
Incident : Data Breach SF-922072525
Entity Name: San Francisco Fire Credit Union
Entity Type: Credit Union
Industry: Financial Services
Location: San Francisco, CA
Customers Affected: 11
Incident : Data Breach SF-457072725
Entity Name: SF Fire Credit Union
Entity Type: Financial Institution
Industry: Finance
Location: California, USA
Incident : Data Breach SF-457072725
Entity Name: Pacifica-Coastside Credit Union
Entity Type: Financial Institution
Industry: Finance
Location: California, USA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach SFF1912151122
Remediation Measures: Offered $120 deposit for credit monitoring
Communication Strategy: Notified affected individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SFF1912151122
Type of Data Compromised: Names, Credit card numbers, Cvv numbers, Card expiration dates, Pin numbers
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach SF-922072525
Type of Data Compromised: Names, Card numbers, Cvv numbers, Pins
Number of Records Exposed: 11
Sensitivity of Data: High
Incident : Data Breach SF-457072725
Type of Data Compromised: Names, Social security numbers
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Offered $120 deposit for credit monitoring.
References
Where can I find more information about each incident ?
Incident : Data Breach SF-922072525
Source: California Office of the Attorney General
Date Accessed: 2022-08-30
Incident : Data Breach SF-457072725
Source: California Office of the Attorney General
Date Accessed: 2012-01-20
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2022-08-30, and Source: California Office of the Attorney GeneralDate Accessed: 2012-01-20.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified affected individuals.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unknown.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-08-30.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2012-01-20.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, credit card numbers, CVV numbers, card expiration dates, PIN numbers, , names, card numbers, CVV numbers, PINs, , Names, Social Security Numbers and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Laptop.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were credit card numbers, card numbers, PIN numbers, Names, card expiration dates, Social Security Numbers, names, CVV numbers and PINs.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 11.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
Description
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
Description
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=sf-fire-credit-union' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
