
Bank loses customers' social security numbers after ransomware attack

Graham CLULEY

March 24, 2021

  • Clop ransomware gang exploited Accellion flaws to steal data
  • Customers angry that their details were breached, even after closing their accounts long ago.

Things don’t get much worse than having to admit to your employees that a gang of cybercriminals have broken into your infrastructure, stolen the private details (social security numbers, names and home addresses) of your staff, and are demanding that your company pays a ransom before further sensitive data is leaked.

Well, actually they do.

Because what if two weeks later the hacked bank (did I mention it was in the top 75 list of largest banks in the United States?) reveals that the cybercriminals have also managed to exfiltrate sensitive data related to multiple customers?

As Vice reports, the attack by the Clop ransomware gang against the Flagstar Bank, headquartered in Michigan, became public knowledge earlier this month, after the bank published a statement on its website explaining that it was one of many corporations impacted by a breach related to using Accellion’s ageing FTA file-sharing appliance.

Flagstar Bank’s public acknowledgment of the breach may have spurred the hackers to up the ante, posting details on their website and contacting journalists in an attempt to apply pressure on their victim to pay up.

The names of 18 Flagstar Bank employees were made available on the website, alongside their alleged social security numbers, home addresses, and other personal private information.

However, things became even more serious when it became apparent that the hackers were contacting the bank’s customers, informing them of the breach.

This appears to have spurred Flagstar Bank into contacting affected customers to admit that their Social Security Numbers, home addresses, full names, and phone numbers had also fallen into the hands of cybercriminals.

Affected members of the public were understandably less than happy.

As some affected individuals pointed out, they were not even current customers of the bank.

One woman told Vice that her personal information had been leaked even though she had closed her account more than a decade ago.

The Clop ransomware gang has been exploiting vulnerabilities in the Accellion FTA platform to steal hosted files from a wide array of organisations in recent months – with corporate victims including oil giant Shell, Qualys, NSW Transport Agency, aerospace firms, law firms, and advertising agencies.

Earlier this month, Accellion published a third-party security assessment of its FTA platform, detailing the zero-day vulnerabilities that had been found (and since patched), and describing the attacks as “[demonstrating] a high level of sophistication and deep familiarity with the inner workings of the Accellion FTA software, likely obtained through extensive reverse engineering of the software.”

In the case of Flagstar Bank, it is offering impacted individuals two years' worth of free credit monitoring and identity protection services, and warning customers to be wary of communications which may be sent to them by the criminals.

Of course, signing up with an identity protection service does mean sharing personal information with yet another online service – something you might feel shy about doing in the immediate aftermath of a data breach like this.

Affected bank customers might also be wise to keep a close eye on their account statements for suspicious activity.
