Flagstar Bank Admits the Accellion Incident Affected Them as Well

  • Flagstar sends out notifications of a breach to customers, along with a credit protection service.
  • It took the bank about five weeks to conclude its internal investigation and inform its clients.
  • This is yet another client of Accellion that was compromised due to flaws in the software.

The Accellion incident that affected hundreds of FTA clients, including Bombardier, has just had another high-profile entity added to the list: the Michigan-based Flagstar Bank. The particular financial service provider is one of the largest residential mortgage providers and is among the top 100 banks (financial size) in the United States. Thus, this has the potential to impact a large number of Americans, which is why action to mitigate the involved risks is already being taken.

According to Flagstar’s announcement, Accellion informed them of the ongoing exploitation right after discovering it on January 22, 2021. The bank was using Accellion’s file sharing platform, inadvertently letting hackers access information on its systems.

Upon learning about the exploit, the bank discontinued the product’s use and engaged a team of third-party forensic experts to investigate and determine the scope of the incident. Reportedly, that is why it took them a while to deliver this notice to the public.

Now, the company is sending individual notifications to the impacted clients and is informing the data protection offices in accordance with state and federal regulations. Moreover, the impacted customers will receive credit monitoring services for free, hopefully saving them from fraudsters, hackers, and impersonators. These services will be provided through Kroll and will last for 24 months, including identity theft restoration, credit monitoring, and fraud consultation. Instructions on how to register for these services should be enclosed in the individual notices.

Additionally, you are advised to review account statements regularly and inform the bank and/or the law enforcement if you see anything suspicious. Also, request copies of credit reports every 12 months to see if you can find any activity that you don’t recognize as your own. In extreme cases of precautionary action, you can place a security freeze on your credit file.

It is quite unfortunate that clients of Flagstar Bank were left as prey to fraudsters for a total of 1.5 months now, so if you have received any weird emails or phone calls during that time, try to recall what information you’ve given away to the actors. If it was passwords, usernames, PINs, SSNs, etc., go ahead and reset them as soon as possible. The bank should have moved quicker for sure, but in any case, it’s better late than never.



M1 MacBook Users Report Their Screens Cracking and Nobody Knows Why

A growing number of M1 MacBook owners are reporting mysterious cracks on the laptop’s screen.The users claim they never mishandled or dropped...

Scientists Prove Tricking Sophisticated Voice Authentication Systems Is Feasible

Researchers proved that state-of-the-art voice verification systems can be fooled using existing tools.All that would be needed is a set of machine-learning...

DISH and Sling TV Filed Lawsuits Targeting 4 Sports Streaming Pirate Sites

DISH and Sling TV filed a lawsuit against 'SportsBay', 'Freefeds', and 'live NBA' streaming domains.These platforms are redistributing the broadcasters’ sports channels...