The Detroit Free Press recently published an article about the Flagstar Bank which was a victim of the Accellion File Transfer Appliance (FTA) vulnerability. The bank recently alerted its customers that the hackers had gained access to personal identifiable information (PII), including names, addresses and social security numbers.
Flagstar Bank is not the only victim of the vulnerability in Accellion’s FTA software. Other well-known organizations such as Kroger, the Jones Day law firm, and Royal Dutch Shell also used the application and have been affected.
Flagstar Bank has hired forensic experts to investigate the breach as well as to gauge the scope of the data breach. It is reported that the bank sent letters out to customers dated March 15 informing them of the breach. Flagstar Bank has also hired the internet security firm Kroll to provide its customers affected by the breach with 2-years of free identity monitoring as well as fraud consultation and identity theft restoration.
The Keweenaw Report also recently published an article about the bank’s data breach, stating that the hacker group Cl0p first leaked employee information. The group is threatening to release customer data that was acquired through the breach.
The Detroit Free Press reports that when asked about if any ransom payments were planned, the bank declined to comment in order to protect the ongoing investigation. Information about the breach can be found on the bank’s website here.
Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology