A United States Bank Hit By Ransomware And Data Breach

March 15, 2021

Written by wukovits

A few months ago, it became widely known that there was a critical security vulnerability in Accellion FTA servers. Naturally, hackers wasted no time exploiting the vulnerability, and since then, we’ve seen a few instances of high-profile data breaches traced back to that very vulnerability. Flagstar bank is the latest such victim. Recently, the company disclosed that their network had been breached and that a range of customer data had been exposed.

The company’s formal statement on the matter reads in part as follows:

Accellion, a vendor that Flagstar uses for its file sharing platform, informed Flagstar on January 22, 2021, that the platform had a vulnerability that was exploited by an unauthorized party. After Accellion informed us of the incident, Flagstar permanently discontinued use of this file sharing platform.

Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted.”

The hackers behind the attack sent a ransom note to Flagstar, demanding payment in Bitcoin, or the group would publish the data they had stolen. They also provided a screen shot displaying a small portion of the stolen data, and from this we can glean that the following information was exfiltrated:

  • Bank employee information, including hire date and salary information
  • Customer names
  • Customer social security numbers
  • Customer addresses and phone numbers
  • Customer tax records

And the like.

Although the original zero-day Accellion security flaw has now been patched, since then, new vulnerabilities have been discovered and are being actively exploited. So unfortunately, Flagstar bank is almost certainly not going to be the last company to suffer a breach like this.

In any case, Flagstar has already begun the process of reaching out to their impacted customers. If you do business with the bank and were impacted, you’ve probably already received some form of communication. If not, call their support line or visit them on the web to find out if or whether you’ve been impacted.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon