Flagstar Becomes Latest Entity Affected Through Accellion Hack

Financial service provider Flagstar Bank has become the latest high-profile organization to be added to the Accellion hacking incident that affected hundreds of entities and FTA clients.

The Michigan-based bank is one of the biggest residential mortgage providers in the U.S. and is ranked among the top 100 banks in the country. The size of the bank alone means that the hacking incident has the potential of impacting many Americans who are customers of the bank.

Already, steps have been taken to try and prevent massive damages or heavy impact of the attack.

Flagstar announced about the hacking incident and how it was compromised after Accellion informed them about the exploitation. The bank says it was utilizing the company’s file-sharing system, which s apparently how the hackers were able to penetrate its systems.

Flagstar stated that it stopped using Accellion’s product immediately after getting information about the hacking attempt on Accellion. It said it immediately contacted a team of third-party forensic experts to carry out investigations on the situation and find out the extent of the exploitation on the systems. Flagstar said the investigation process was the reason why it couldn’t inform the public immediately.

The bank has started sending notifications to individuals and customers who may have been affected by the breach. It has also notified data protection offices in line with the procedures following breaches of this nature.

Additionally, the affected companies receive credit monitoring services to help protect them against impersonators, hackers, and fraudsters.

The services will be offered for a whole year and will be provided through Kroll, according to the bank. The service will also include fraud consultation, credit monitoring, as well as identity theft restoration without any charges to the affected customers, Flagstar stated.

Registration instructions for the mentioned services have also been added to the individual notices.

Also, the bank has asked its customers to regularly check their account statements and report to law enforcement or the bank if they find any suspicious activity . They should also ask the bank for copies of their credit reports at least once a year to verify if there are any transactions they did not authorize. Customers who want to go the extra mile and thread cautiously can request the bank to freeze their credit file.

The initial hacking incident linking Flagstar with Accellion happened almost two months ago. But customers were not informed until recently. That means customers have been left exposed and vulnerable to the mercy of the hackers for about six weeks. As a result, security experts believe some customers may have received weird phone calls or emails during that period.

They advised those who have already been a victim to try and recall the type of information they have given out. If SSNs, PINs, usernames, or passwords are included in the details, they should quickly reset them to prevent impersonation or other attacks in the future.

Flagstar added that it wasn’t able to block the software on time as it seemed the unauthorized party had accessed the form of the company’s details on the Accellion platform.

However, Flagstar Bank has revealed that the breach did not impact its operations and the Accellion platform was segmented from other network elements like mortgage systems and core banking.

The bank hasn’t revealed how many customers were affected by the breach or revealed the type of record stolen .

The company added that although it had begun investigations, results may not be instantaneous and may take some time. But the bank added that the team is working judiciously hard and thorough and will be providing updates as new details are uncovered.

File Transfer Appliance (FTA), Accellion’s file-sharing program, is an enterprise product used by many organizations to transfer large files. Although it has been discontinued and displaced by other newer software like Kiteworks, hackers were able to exploit the zero-day vulnerability found in the software.

The zero-day was found in the software in December and hackers have been exploiting it since then. Reported victims of the exploit include Transport for New South Wales (TFNSW), Australian Securities and Investments Commission (ASIC), the Reserve Bank of New Zealand, as well as Qualys .