Flagstar Bank (Flagstar) recently notified its more than 1.5 million customers that hackers gained access to their personal information during a cyber attack in December 2021. Flagstar Bank, headquartered in Michigan, is one of the largest banks in the United States, with more than $30 billion in assets.
A security incident occurred at Flagstar Bank in December 2021, when attackers breached the bank’s internal network. Since then, the bank has launched an investigation into the incident and recently discovered that the attackers had access to many customers’ sensitive information, including names and social security numbers, at the time.
According to information submitted to the Office of the Maine Attorney General, the data breach affected 1,547,169 Americans (OMA). Flagstar Bank has not responded positively to further media inquiries, including what types of data may have been exposed and why the incident took so long to be discovered.
This is the second major security incident at Flagstar Bank within a year.
In January 2021, the ransomware group Clop exploited a zero-day vulnerability in the Accellion FTA server to compromise the bank’s servers.The incident has affected numerous entities that do business with technology company Accellion Inc, including Bombardier, Singtel, the New Zealand Reserve Bank and the Washington State Auditor’s Office. ‘s State Auditor office.)
The breach led to Flagstar Bank being blackmailed by the Clop gang and its customers’ data being exposed to cybercriminals. The bank then terminated its partnership with the Accellion platform.
Data security refers to the ability to ensure that data are in a state of effective protection and legal utilization by taking necessary measures, as well as having the ability to guarantee a continuous state of security. Data security should ensure the security of the entire process of data production, storage, transmission, access, use, destruction, and disclosure, and ensure the confidentiality, integrity, and availability of the data processing process. In addition, it should also heterogeneously handle the association relationships of public data, such as personal names, contact information, vehicle registration, social media, etc. Although these are non-entity implicit data, they often involve personal privacy and may even cause public security issues such as real-time positioning.
Network data is one of the main targets of network attacks, for example, man-in-the-middle attacks may damage the integrity and authenticity of transmitted data. At present, some network platforms, while providing services, have excessive claims, over-scope collection, storage and sharing of network data by forcing access to various user information, and even “transfer” the rights and interests of data subjects to non-authorized institutions, which threatens the security of network data processing and leads to serious network security risks. Ensuring network data security is an important foundation for maintaining network security.
How should enterprises ensure cloud data security? Vinchin Backup & Recovery allows you to recover the entire VM and all its data from any restore point (full backup, incremental backup, or differential backup) without affecting the original backup data. Backups that have been deduplicated or compressed can be recovered. It is an excellent solution for ensuring enterprise business continuity and minimising critical business interruptions caused by disaster or system failure.
You can also quickly validate backup data availability by instantly restoring the target VM to a remote location in a matter of minutes. Ascertain that, in the event of a true disaster, all VMs can be recovered and that the data contained within is not lost or damaged. Vinchin provides solutions such as VMware backup for the world’s most popular virtual environments, XenServer backup, XCP-ng backup, Hyper-V backup, RHV/oVirt backup, etc.