Flagstar Bank Announces Data Breach Impacting Over 1.5 Million Names and Social Security Numbers

Console and Associates, P.C.

Recently, Flagstar Bank confirmed that the company experienced a data breach after someone gained unauthorized access to the company’s computer network. According to Flagstar, the breach resulted in the names and Social Security numbers of certain customers being compromised. On June 17, 2022, Flagstar filed an official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Flagstar Bank data breach, please see our recent piece on the topic here.

Additional Information About the Flagstar Bank Data Breach

Based on filings by Flagstar Bank, the company recently learned of a data security incident impacting the company’s servers. While Flagstar Bank did not elaborate on the date it discovered the incident, the company reports that it immediately secured its servers and began investigating the breach.

On June 2, 2022, Flagstar confirmed that the unauthorized party not only accessed the company’s IT system but that those files that were accessible contained sensitive customer data. After reviewing the files, Flagstar bank determined that the breach impacted the names and Social Security numbers of 1,547,169 individuals.

While Flagstar notes that the company has no knowledge of any unauthorized use of the leaked information, it is providing all affected parties with two years of free credit monitoring.

On June 17, 2022, Flagstar Bank began sending out data breach letters to all individuals whose information was compromised as a result of the recent data cyber incident.

About Flagstar Bank

Founded in 1987, Flagstar Bank is a Troy, Michigan-based full-service bank and lender. Flagstar Bank is currently the sixth-largest bank mortgage originator and has assets of over $23 billion. The bank offers the traditional suite of bank products one would expect, such as business and personal checking, savings, and credit card accounts, as well as certificates of deposits, mortgage loans, health savings accounts, insurance products and annuities. Flagstar Bank also offers wealth management and estate planning services. Flagstar Bank employs more than 4,975 people and generates approximately $521 million in annual revenue.

What Remedies Does a Data Breach Victim Have Against a Company?

The aftermath of a data breach can be incredibly stressful. But even worse, it can also result in a victim suffering real financial damages. However, in some cases, data breach victims have a legal remedy against companies that inadvertently leak their personal information. That said, not every data breach results in the company being liable; as a general rule, only those companies that acted negligently are financially responsible for a data breach. This begs the question; how can a company’s negligence cause a data breach.

Under existing data breach laws, there are several ways a company can act negligently with regard to consumer information. As a preliminary matter, all organizations have a legal duty to protect the consumer information in their possession. Below are some of the ways a company can violate the duty:

  • A company employee doesn’t follow the correct procedures when handling consumer information;

  • A company fails to implement and maintain an up-to-date data security system;

  • A company mistakenly sends consumer information to an unauthorized party; or

  • A company employee responds to a phishing attack, either by clicking on a link or providing sensitive information to an unauthorized party.

These are just a few of the most common examples of negligence; there are many others.

Data breach victims looking to learn more about their rights, what they can do to protect themselves, and how they can pursue a data breach lawsuit should reach out to a dedicated data breach lawyer as soon as possible.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.