16 Mar, 2021

Flagstar Bank stops use of file-sharing platform after identifying vulnerability

author's image

By Rica Dela Cruz


Flagstar Bank FSB has permanently discontinued use of its file-sharing platform following a vulnerability that was exploited by an unauthorized party.

Accellion, a vendor that the bank uses for the platform, informed the bank about the vulnerability Jan. 22. Flagstar Bank learned that the unauthorized party was able to access some of the bank's information on the Accellion platform. Other parts of the company's IT infrastructure outside of the Accellion platform, including its core banking and mortgage systems, were not impacted.

The company said it is currently notifying affected customers directly via U.S. mail and will give information about free credit monitoring services to those individuals. It also secured the services of Kroll to offer credit monitoring, fraud consultation and identity theft restoration to impacted customers for 24 months at no cost.