
This is yet another data breach class action, this time suing Flagstar Bank, FSB, for failing to safeguard the information of some 1.5 million individuals. The complaint alleges, “Lack of proper safeguards provided a means for unauthorized intruders to breach Flagstar’s computer network and steal sensitive personal identifying information.”
A class and a subclass have been proposed for this action:
- The Nationwide Class is all individuals and entities in the US whose personal identifying information was accessed in the cybersecurity breach Flagstar announced on or around June 17, 2022.
- The Michigan Subclass is all individuals and entities in Michigan whose personal identifying information was accessed in the cybersecurity breach Flagstar announced on or around June 17, 2022.
The Flagstar data breach occurred between December 3 and 4, 2021. The complaint alleges that the information stolen included names, addresses, Social Security numbers, financial account numbers, debit or credit card numbers, and other types of information.
The complaint alleges, “Flagstar informed multiple media outlets that it had learned of the breach during December 2021, providing a statement to CNET that it had detected the intrusion ‘right away,’ but had delayed disclosing the breach until it had completed its investigation.” The complaint alleges that Flagstar only sent written notice to the individual victims on June 17, 2022.
Flagstar had a duty to protect the information of its customers, the complaint claims: “By obtaining, collecting, and storing the Plaintiffs’ and Class members’ personal information, [Flagstar] assumed legal and equitable duties and knew, or should have known, that it was responsible for protecting the personal information from disclosure.”
This was not the first exposure of information on Flagstar’s customers, the complaint alleges. It cites a breach via a third-party vendor to Flagstar, Accellion, which the complaint claims exposed Flagstar customers’ names, Social Security numbers, and addresses in January 2021.
Despite the clear awareness that Flagstar should have obtained from this incident—that data breaches were a danger—the complaint asserts that Flagstar still did not implement reasonable security procedures to protect customer information. The complaint alleges that this neglect adds to Flagstar’s fault.
According to the complaint, Flagstar’s offers to customers in the wake of the data breach are “inadequate,” because the bank is making customers individually sign up for credit monitoring, fraud consultation, and identity theft restoration, instead of signing everyone up by itself, and because the services offered cover only two years, although, the complaint alleges, the ramifications of personal identifying theft can extend far beyond two years.”
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
Flagstar Bank Failure to Protect Customer Information Complaint
July 15, 2022
This is yet another data breach class action, this time suing Flagstar Bank, FSB, for failing to safeguard the information of some 1.5 million individuals. The complaint alleges, “Lack of proper safeguards provided a means for unauthorized intruders to breach Flagstar’s computer network and steal sensitive personal identifying information.”
Flagstar Bank Failure to Protect Customer Information ComplaintCase Event History
Flagstar Bank Failure to Protect Customer Information Complaint
July 15, 2022
This is yet another data breach class action, this time suing Flagstar Bank, FSB, for failing to safeguard the information of some 1.5 million individuals. The complaint alleges, “Lack of proper safeguards provided a means for unauthorized intruders to breach Flagstar’s computer network and steal sensitive personal identifying information.”
Flagstar Bank Failure to Protect Customer Information Complaint