Flagstar Bank faces proposed class action claims alleging it failed to adequately protect customers’ sensitive data from the Clop-MOVEit ransomware hack and then slow-walked its notification to the 837,000 it impacted.
The Michigan-based bank wasn’t hacked directly, but it waited five months after the well-publicized data breach had exposed people’s address, Social Security number, bank account, and other information to alert those affected, according to the lawsuit filed in the US District Court for the Eastern District of Michigan.
“Simply put, Flagstar impermissibly left plaintiff and class members in the dark—thereby causing their injuries to fester and the damage to ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.