Vulnerability Management, Data Security, Privacy, Security Staff Acquisition & Development

Over 800K Flagstar Bank customers impacted by third-party MOVEit hack

Click for more special coverage

BleepingComputer reports that Michigan-based Flagstar Bank had personal data from 837,390 customers across the U.S. stolen after its third-party mobile banking and payment processing provider Fiserv was impacted by the widespread MOVEit hack by the Cl0p ransomware operation, which has already compromised more than 64 million individuals across 2,000 organizations around the world.

While sample notification letters had the compromised information redacted, Flagstar Bank customers were noted in a Maine data breach portal entry to have had their names and Social Security numbers stolen in the intrusion.

Such a third-party hack comes after two other cyberattacks since 2021, when Flagstar had customer and employee data, including names, phone numbers, addresses, SSNs, and tax records stolen following a Cl0p ransomware attack targeted at its Accellion file transfer server.

More than 1.5 million of the bank's customers across the U.S. also had their information, including names and SSNs, breached following an attack against its corporate network in June 2022.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.