Click to Skip Ad
Closing in...
  1. Mattress Topper Amazon
    14:52 Deals

    35,000 Amazon shoppers gave this mattress topper 5 stars – get one for $34 today

  2. Amazon Echo Auto Price
    13:16 Deals

    Add hands-free Alexa to your car for $19.99 with this Amazon deal

  3. Amazon Deals
    07:55 Deals

    10 deals you don’t want to miss on Saturday: Alexa in your car for $19.99, $200 Chro…

  4. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free

  5. MacBook Pro 2021 Price
    16:34 Deals

    Amazon slashed $200 off Apple’s M1 MacBook Pro, or get a MacBook Air for $899

This is some of the worst news that a bank customer can get after a hack

March 23rd, 2021 at 6:44 PM
Data breach

Earlier this month, the Michigan-based bank Flagstar disclosed that a security incident had occurred, following the hack by a group of ransomware attackers who exploited a bank vendor’s zero-day software vulnerability.

Now, it seems the incident was much worse than noted at the time. Personal information, including social security numbers of customers, bank employees, and even people with tenuous connections to the bank, were accessed as part of this data breach. That’s according to letters and communications from the bank that angry social media users have been sharing on Twitter. Flagstar’s webpage that was set up to explain what happened doesn’t mention the particulars, but the bank confirmed to at least one news outlet that a staggering amount of data may have been accessed — including SSNs, first and last names, phone numbers, and addresses.

Today's Top Deal Super-popular TP-Link Kasa mini Alexa smart plugs just hit a new all-time low price of $6 each! List Price:$26.99 Price:$23.99 You Save:$3.00 (11%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

“On March 6, 2021, we determined that one or more of the documents removed from the Accellion platform contained your Social Security Number, First Name, Last Name, Phone Number, Address,” Flagstar wrote in a letter to some customers shared via social media. “Out of an abundance of caution we have secured the services of Kroll to provide identity monitoring at no cost to you for two years.”

In a recap about what happened, penned by American Banker, the publication notes that the hackers exploited a flaw in the Fire Transfer Application software from Accellion that Flagstar was using to secure sensitive data. “We are seeing a clear trend of attacks on third-party suppliers, especially software vendors, to the financial sector as well as other industries,” Steve Silberstein, CEO of the Financial Services Information Sharing and Analysis Center, told the publication. “While financial services firms tend to have robust cybersecurity controls and defenses, third and fourth parties performing critical services for multiple valuable clients will continue to be lucrative targets for threat actors with a variety of motivations.”

Among other key details about this data breach:

  • The FTA software at issue here is reportedly 20 years old and was set to be wound down next month.
  • According to Brett Callow, a threat analyst at the threat investigation and anti-malware provider Emsisoft, the identity of the attackers is unclear.
  • A ransomware gang, per American Banker, did publish some of the data stolen in this data breach to the dark web. There was also a threat that more information would be published if the attackers weren’t paid a ransom.

One thing experts stress about events like this is that even though it was a third party with lax security that was taken advantage of, banks still have a first-party obligation to make sure their customers’ data isn’t being handled carelessly. You don’t say.

Today's Top Deal Behold: Amazon's best AirPods Pro deal of 2021! List Price:$249.00 Price:$189.99 You Save:$59.01 (24%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.

Popular News