Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Flagstar Bank

Flagstar Bank Vendor Cyber Rating & Cyber Score

flagstar.com

Thank you for visiting Flagstar Bank, N.A. on LinkedIn, and we look forward to being part of your financial journey. Today, Flagstar Bank, N.A., is one of the largest regional banks in the country. The company is headquartered in Hicksville, New York. At December 31, 2025, the company had assets of $87.5 billion. We operate approximately 340 locations across nine states, with strong footholds in the greater New York/New Jersey metropolitan region and in the upper Midwest, along with a significant presence in fast-growing markets in Florida and the West Coast. We believe in cultivating a diverse, inclusive, and respectful workplace that engages employees, broadens perspectives, and encourages teamwork. We hire people who represent the


Flagstar Bank A.I CyberSecurity Scoring

Flagstar Bank
Company Information
Website:http://www.flagstar.com
Employees number:7,196
Number of followers:53,830
NAICS:52211
Industry Type:Banking
Homepage:flagstar.com
Flagstar Bank Risk Score (AI oriented)
Between 600 and 649
logo
Flagstar BankBanking
Updated:
02/04/2026
636/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Flagstar Bank Global Score (TPRM)
xxxx
logo
Flagstar BankBanking
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Flagstar Bank
Flagstar BankPoor
Current Score
636Caa (POOR)
01000
5 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
648Before Incident
JUNE 2026
647Before Incident
MAY 2026
643Before Incident
APRIL 2026
641Before Incident
MARCH 2026
632Before Incident
FEBRUARY 2026
631Before Incident
JANUARY 2026
629Before Incident
DECEMBER 2025
625Before Incident
NOVEMBER 2025
624Before Incident
OCTOBER 2025
622Before Incident
SEPTEMBER 2025
618Before Incident
AUGUST 2025
615Before Incident
OCTOBER 2023
610Before Incident
Breach
01 Oct 2023Flagstar Bank
Flagstar Bank

Flagstar Bank Data Breach

525After Incident
HIGH-85
FLA2323151023
Flagstar Bank is informing 837,390 US clients that threat actors breached the third-party service provider Fiserv, exposing their personal information. According to the data breach notification given to the impacted clients, the event involved vulnerabilities found in MOVEit Transfer, a file transfer programme that our vendor uses to support services it offers to Flagstar and its connected institutions. The banking institution emphasised that the MOVEit bug did not affect any of Flagstar Bank's systems or its capacity to provide customers with services. Flagstar initiated an inquiry into the event to ascertain the extent of the security incident as soon as it was made aware of the data breach.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Data Theft
IMPACT
Data Compromised: Personal Information
DATA BREACH
Type Of Data Compromised: Personal InformationNumber Of Records Exposed: 837,390
MAY 2023
602Before Incident
Vulnerability
27 May 2023Flagstar Bank
Flagstar Bank, N.A.

Flagstar Bank Data Breach

596After Incident
LOW-6
FLA825072625
On December 27, 2023, the Maine Office of the Attorney General reported that Flagstar Bank, N.A., experienced a data breach involving its vendor, Fidelity Information Services, LLC (FIS), due to vulnerabilities in MOVEit Transfer. The breach occurred between May 27 and May 31, 2023, affecting 25,891 individuals, including 22 residents of Rhode Island, with personal information possibly compromised. Identity theft protection services through Kroll were offered for two years.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal InformationIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Personal InformationSensitivity Of Data: HighPersonally Identifiable Information: Yes
DECEMBER 2021
617Before Incident
Breach
01 Dec 2021Flagstar Bank
Flagstar Bank, FSB

Flagstar Bank Data Breach

531After Incident
CRITICAL-86
FLA240072525
The Maine Office of the Attorney General reported a data breach involving Flagstar Bank on June 17, 2022. The breach occurred between December 3 and December 4, 2021, affected 1,547,169 individuals in total, and involved unauthorized access to personal information, including Social Security Numbers. Identity theft protection services were offered for two years through Kroll.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Social Security NumbersIdentity Theft Risk: High
DATA BREACH
Social Security NumbersSensitivity Of Data: HighSocial Security Numbers
JUNE 2021
770Before Incident
Breach
16 Jun 2021Flagstar Bank
Flagstar Bank

Flagstar Bank Data Breaches (2021-2022) and Regulatory Settlements

600After Incident
CRITICAL-170
FLA3192831110725
Flagstar Bank, a New York-based mortgage lender, faced severe financial and reputational repercussions due to two major data breaches in 2021 and 2022, which exposed the personal information of millions of customers. The fallout included a $31.5 million settlement in multiple class-action lawsuits filed by affected former customers, alongside an additional $3.5 million fine imposed by the SEC for misleading public statements regarding the breaches. The incidents not only led to substantial monetary losses but also eroded trust among customers and regulators. The breaches occurred before Flagstar sold its mortgage servicing business to Mr. Cooper in 2024, yet the legacy of the attacks continues to impact its standing in the financial sector. The exposed data likely included sensitive personal and financial details, amplifying the severity of the breach and its long-term consequences for both the company and its clients.
INCIDENT DETAILS -
TYPE
Data BreachRegulatory Violation
IMPACT
Financial Loss: $35 million (settlements + SEC fine)Data Compromised: Personal information of millions of customersCustomer Complaints: Class-action lawsuits filed by former customersBrand Reputation Impact: Negative (regulatory penalties and public disclosure)Legal Liabilities: $31.5 million (class-action settlements) + $3.5 million (SEC fine)Identity Theft Risk: High (personal information exposed)
DATA BREACH
Type Of Data Compromised: Personal informationNumber Of Records Exposed: MillionsSensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
JANUARY 2021
772Before Incident
Vulnerability
20 Jan 2021Flagstar Bank
Flagstar Bank, FSB

Flagstar Bank Data Breach

769After Incident
MEDIUM-3
FLA245080525
On March 15, 2021, the California Office of the Attorney General reported a data breach involving Flagstar Bank, which occurred on January 20, 2021. The breach was due to an exploited vulnerability in the Accellion file sharing platform, affecting an unspecified number of individuals' personal information.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal Information
DATA BREACH
Type Of Data Compromised: Personal Information

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Flagstar Bank ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Flagstar Bank's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Flagstar Bank's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Flagstar Bank ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Flagstar Bank's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?