Flagstar Bank Data Breach Affects Over 800K Customers
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
In a recent notification, Michigan-based Flagstar Bank warned its customers about the exposure of their personal information due to a breach suffered by its third-party service provider.
With total assets of over $31 billion and more than 150 branches across several US states, Flagstar Bank was one of the largest financial services providers in the country before its acquisition in 2022.
According to the notification, the bank suffered an indirect breach that allowed hackers to access the sensitive information of around 837,390 customers. Fiserv, a vendor that Flagstar uses for payment processing and mobile banking services, was impacted by the infamous Cl0P MOVEit Transfer attack.
The attack, which occurred in May 2023, involved the MOVEit file transfer software: unknown hackers exploited a zero-day vulnerability to breach thousands of organizations worldwide and steal data.
Fiserv, which was one of the targeted organizations, saw its system and files accessed by unauthorized threat actors. “During that time, unauthorized actors obtained our vendor files transferred via MOVEit. These files included Flagstar Bank and related institution customer information, including yours,” the notification revealed.
Flagstar did not disclose the type of stolen information in the notification. However, according to the information available on the Maine Attorney General's office portal, the stolen data included names, other personal identifiers, and Social Security Numbers (SSNs).
The bank, however, confirmed that none of its internal systems or customer services were impacted by the breach. It also revealed the remediation steps taken to prevent such incidents in the future, including deploying necessary security measures, informing relevant authorities, and offering a free identity monitoring service to impacted customers for two years.
This is the third time that Flagstar has suffered a data breach since March 2021. Earlier, in June 2022, it had disclosed a data breach of its corporate network, impacting nearly 1.5 million of its customers.
Lyca Mobile Confirms Customer Data Leak After Cyberattack
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
After confirming the cyberattack that led to widespread service disruption, Lyca Mobile disclosed that the personal information of some customers was compromised during the incident.
First reported on October 3, 2023, the attack is said to have been discovered by the company on September 30 while it was investigating network and operational outage issues.
While addressing the disruption in call services and the inaccessibility of its top-up services, the company also hinted at a possible theft of customer information.
“Our number one priority is ensuring the safety and security of our customers’ data, and we are urgently investigating whether any personal information may have been compromised as part of this attack,” the statement revealed.
While investigating with third-party security experts, Lyca found that sensitive information related to some customers was accessed by the unknown hackers. Although it was unable to say what type of data was stolen, Lyca revealed what customer information is stored in its database.
It includes the name, address, date of birth, alternate contact and address information, copies of identity documents, passport copies, and other similar identity documents. The stolen data also included customer service interactions and stored payment card information, including the last 4 digits of a credit card and its expiration date.
As a precautionary measure, the company has suggested that customers with online accounts change their passwords and remain vigilant for suspicious emails, SMS messages, and calls.
Details about the attack and the actors behind it have not been revealed by Lyca, as the investigation and system restoration are still underway. It also notified the UK’s Information Commissioner’s Office and Ofcom about the attack.
Although most of the services have been restored in the affected markets, operational facilities like number porting are still unavailable, Lyca revealed.
The UK-based mobile virtual network operator (MVNO) provides mobile and voice over IP (VoIP) services to over 16 million customers across 60 countries worldwide.