Flagstar Bank Breach - December 2021

Flagstar Bank Breach

Midwestern-based bank and holding company, Flagstar Bank, is headquartered in Michigan. It has over 150 different locations and is considered one of the largest mortgage lenders to residents throughout the Midwest and beyond.

What Was the Breach?

Flagstar Bank, headquartered in Troy, Michigan, was breached earlier this summer. The digital breach impacted millions of customers. Though the attack occurred early in December 2021, the financial institution did not notify its customers, the media, the public, or anyone else about the breach until deep into 2022.  

If Flagstar Bank representatives are being forthright with the media, they found out about the breach in the first half of June 2022. Flagstar responded to the attack by contacting law enforcement and contacting affected customers via the United States Postal Service. The company also enlisted a digital security specialist's assistance to determine the cause of the attack and prevent additional breaches down the line.

How Did the Breach Occur?

The “how” of this external data breach is a mystery to Flagstar Bank and digital security forensics specialists. The company has not stated how, exactly, the hackers obtained access to its internal systems.

When Did This Breach Occur?

This breach occurred in December 2021.

Who Does the Breach Impact?

The attack impacts Flagstar Bank customers. Hackers stole the names, social security numbers, and other information in the attack.

How Many Files Does the Breach Affect?

In total, the data breach exposed the files of more than 1.5 million customers. Flagstar Bank reached out to those customers in the aftermath of the attack, yet there is still a high likelihood that identity theft will occur.