Security News > 2023 > October > Third Flagstar Bank data breach since 2021 affects 800,000 customers
Flagstar Bank is warning that over 800,000 US customers had their personal information stolen by cybercriminals due to a breach at a third-party service provider.
A data breach notification sent to impacted customers explains that Flagstar was indirectly impacted by Fiserv, a vendor it uses for payment processing and mobile banking services.
The types of data that were compromised are redacted in the sample data breach notification letters.
This latest breach is the third for Flagstar since March 2021, when it disclosed it suffered a breach from the Clop ransomware gang, who, at that time, hacked its Accellion file transfer server in January of that year.
Based on the data samples posted by the ransomware gang, the hackers managed to steal customer and employee information, including names, addresses, phone numbers, tax records, and SSNs. In June 2022, Flagstar disclosed another breach of its corporate network that impacted over 1.5 million of its customers in the U.S. The data compromised in that incident includes at least names and Social Security Numbers.
Sony confirms data breach impacting thousands in the U.S. Data breach at French govt agency exposes info of 10 million people.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)