Flagstar Bank, a Michigan based company that specializes in providing mortgage loans, has reportedly become a victim of ransomware attack in January this year. However, the bank made the cyber incident public now, as it was waiting for investigation related to the incident over.
Confirmed sources say that the ransomware spreading gang not only decrypted the database but also siphoned banking data that includes social security numbers of those seeking loans on their homes and that of some employees.
Flagstar linked the ransomware attack to Accellion software as the threat actors are said to have exploited the software vulnerability of Accellion’s accounting software. The company is busy sending email notifications to its customers since March 6th,2021 and mentioned that it will provide a free identity monitoring service from Kroll at free of cost.
What’s embarrassing about the incident is that the incident impacted even those customers who closed their accounts on Flagstar a decade ago. But the bank claims that it do stores the data of its customers for reason, even if they close their accounts.
Cybersecurity Insiders has learnt that the ransomware that attacked the database of Flagstar bank was ‘Clop’ that first steals information from the victim database and then locks up from access to indulge in double extortion techniques.
Note- an independent security researcher named Michael Gillespie discovered Clop Ransomware in Feb’19. And the malware is only infecting enterprise networks, as it can demand an enormous amount as ransom in exchange for a decryption key.
