US bank and mortgage lender Flagstar Bank has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. Flagstar was breached not by the original December zero-day vulnerability, but for a new vulnerability utilized by threat actors in January, BleepingComputer has learned. After Flagstar began notifying victims of the data breach, the gang released screenshots of stolen data with a warning that it had stolen a lot more personal data. As Flagstar is a bank, it should be assumed that threat actors stole further documents containing sensitive information.
Source: https://www.bleepingcomputer.com/news/security/flagstar-bank-hit-by-data-breach-exposing-customer-employee-data/