Flagstar Bank Reveals 1.5 Million Customers Have Been Affected by Data Breach


Flagstar headquarters building glitch stylized image indicating data breach of 1. 5 million customers

Flagstar Bank recently revealed a massive data breach in its banking system, resulting from a cyberattack in December last year. During the attack, cybercriminals gained access to the personal data of more than a million Flagstar Bank customers.

The Details

The bank discovered on June 2nd, after an investigation, that the cyber attackers had accessed confidential client information, including names and social security numbers.

“Upon learning of the incident, we promptly activated our incident response plan, engaged external cybersecurity professionals experienced in handling these types of incidents, and reported the matter to federal law enforcement,” explains the notice. “We have no evidence that any of the information has been misused. Nevertheless, out of an abundance of caution, we want to make you aware of the incident.”

According to the information filed at the Attorney General’s Office, the data breach affected 1,547,169 persons across the country. The bank took quick steps to secure its systems and enlisted the expertise of forensic specialists from outside the organization to investigate what had occurred.

Flagstar’s Customer Mitigation Efforts

To make up for the breach, the bank gave a personalized response and help to those affected. Kroll, a mitigation firm, will provide security services to the institution’s clients free of charge. Kroll is a leader in the risk mitigation and response industry and has a lot of experience supporting people who inadvertently had their personal data exposed.

Credit monitoring, fraud advice, identity recovery after it has been stolen, and Identity monitoring are some of the services that will be provided. Users will also receive an alert when their credit data is updated and unfettered access to Kroll fraud specialists’ consultations.

How Do I Know If I Have Been Involved In A Data Breach?

If you hear of a data breach involving a company you do business with, contact the company to see if your information has been affected. You can check the organization’s website for a statement regarding the breach and advice on what to do, or you can contact the company’s customer care team.

How Can I Protect Myself In The Event Of A Data Breach?

Because sometimes you may not know if a breach has impacted you, your best course of action is to be proactive. You can stay ahead of the unscrupulous guys by following the tips below.

  • Check your bank accounts regularly for questionable activity, such as transactions you did not initiate. Sign up for account activity notifications through email or text if your financial institution offers them.
  • Change your password when you discover that you have become involved in a data breach. Don’t wait for the company to notify you. Note: If you reuse passwords, change those as well. Check out this article on tips to create strong passwords.
  • Be cautious of phishing schemes. Phishing emails appear to be genuine messages from trustworthy companies. These emails feature a “call to action,” generally concerning a problem with your account, and include a link. Never click on any links in these emails. If you are concerned about a problem with your account, open your browser and go directly to the website by entering the address into the address bar.
  • Enable multi-factor authentication, or use adaptive authentication. The article 5 Easy Steps To Get Two-Factor Authentication & Why You Need It has excellent tips on setting up 2-factor authentication.
  • Avoid using unsecured public WiFi.

Josh Breaker

Josh is a technology writer with a focus on all things cybersecurity. The topics he writes about include malware, vulnerabilities, exploits, and security defenses, as well as research and innovation in information security. I have also written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix.

Recent Posts