cyber Breach

Flagstar Bank

Oct 15, 2023 1 min read
Flagstar Bank

Flagstar Bank is informing 837,390 US clients that threat actors breached the third-party service provider Fiserv, exposing their personal information.

According to the data breach notification given to the impacted clients, the event involved vulnerabilities found in MOVEit Transfer, a file transfer programme that our vendor uses to support services it offers to Flagstar and its connected institutions.

The banking institution emphasised that the MOVEit bug did not affect any of Flagstar Bank's systems or its capacity to provide customers with services.

Flagstar initiated an inquiry into the event to ascertain the extent of the security incident as soon as it was made aware of the data breach.

Source: https://securityaffairs.com/152143/data-breach/flagstar-bank-data-breach-2.html

TPRM report: https://scoringcyber.rankiteo.com/company/flagstar-bank

"id": "fla2323151023",
"linkid": "flagstar-bank",
"type": "Breach",
"date": "10/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '837,390',
                        'industry': 'Financial Services',
                        'location': 'United States',
                        'name': 'Flagstar Bank',
                        'type': 'Banking Institution'}],
 'attack_vector': 'Vulnerability Exploitation',
 'customer_advisories': 'Data Breach Notification',
 'data_breach': {'number_of_records_exposed': '837,390',
                 'type_of_data_compromised': 'Personal Information'},
 'description': 'Flagstar Bank is informing 837,390 US clients that threat '
                'actors breached the third-party service provider Fiserv, '
                'exposing their personal information.',
 'impact': {'data_compromised': 'Personal Information'},
 'initial_access_broker': {'entry_point': 'MOVEit Transfer'},
 'investigation_status': 'Ongoing',
 'motivation': ['Data Theft'],
 'post_incident_analysis': {'root_causes': 'Vulnerabilities in MOVEit '
                                           'Transfer'},
 'response': {'communication_strategy': 'Customer Notification'},
 'title': 'Flagstar Bank Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'MOVEit Transfer'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.