On December 27, 2023, the Maine Office of the Attorney General reported that Flagstar Bank, N.A., experienced a data breach involving its vendor, Fidelity Information Services, LLC (FIS), due to vulnerabilities in MOVEit Transfer. The breach occurred between May 27 and May 31, 2023, affecting 25,891 individuals, including 22 residents of Rhode Island, with personal information possibly compromised. Identity theft protection services through Kroll were offered for two years.
TPRM report: https://www.rankiteo.com/company/flagstar-bank
"id": "fla825072625",
"linkid": "flagstar-bank",
"type": "Vulnerability",
"date": "5/2023",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'customers_affected': 25891,
'industry': 'Financial Services',
'name': 'Flagstar Bank, N.A.',
'type': 'Bank'}],
'attack_vector': 'Vulnerabilities in MOVEit Transfer',
'data_breach': {'number_of_records_exposed': 25891,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal Information'},
'date_detected': '2023-12-27',
'date_publicly_disclosed': '2023-12-27',
'description': 'Flagstar Bank, N.A., experienced a data breach involving its '
'vendor, Fidelity Information Services, LLC (FIS), due to '
'vulnerabilities in MOVEit Transfer.',
'impact': {'data_compromised': 'Personal Information',
'identity_theft_risk': 'High'},
'references': [{'date_accessed': '2023-12-27',
'source': 'Maine Office of the Attorney General'}],
'response': {'third_party_assistance': 'Kroll'},
'title': 'Flagstar Bank Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer'}