From the Credit Union Times
Kirk Kordeleski, the CEO of Bethpage Federal Credit Union, said the exposure of personal information from up to 86,000 of the credit union's 205,000 members happened because a staff member inadvertently uploaded a file containing the information onto a in insecure website. Read more
More details about the data that was leaked are described in this credit union notice
This shows that no matter how secure an institution makes its website, security can always be breached by employee mistakes.