Flagstar Bank in Troy, Michigan, was hit with a massive data breach last winter impacting over 1.5 million of its customers, the company reported.
In a disclosure Friday to the Office of the Maine Attorney General, the bank revealed that a two-day breach in early December affected 1,547,169 customers. The incident, only described as an “external system breach (hacking)”, occurred between Dec. 3 and 4, and an investigation with third-party forensic experts discovered on June 2 that Social Security numbers were acquired, according to the filing.
“For those impacted, we have no evidence that any of their information has been misused,” the firm said in a statement Tuesday. “Nevertheless, out of an abundance of caution we are offering complimentary credit monitoring services.”
Flagstar said it's providing impacted customers two years of complimentary Kroll credit monitoring services.
The lender closed $8.2 billion in mortgage loans during the first quarter of 2022, according to an earnings report, a decline of 40% from $13.8 billion from last year's first quarter and a 23% drop from the $10.7 billion closed over the last three months of 2021. Flagstar, in response to declining home loan volume, has
The company is also in the
The December hack at Flagstar is the latest in a series of data breach revelations this spring from mortgage firms, and the largest at a mortgage lender. Banks and non-banks
The biggest hack occurred at the servicers Lakeview Loan Servicing and Pingora Loan Servicing, subsidiaries of Florida-based Bayview Asset Management, which earlier this spring disclosed a cyberattack last fall affecting over 2 million of their customers. The servicers are
In addition to data breaches, the industry is also facing
