The Week in Breach:

United States – Flagstar Bank
Exploit: Hacking
Flagstar Bank: Banking & Financial Services
Customers Impacted: 1.5 Million Customers
More Info:


Risk to Business: 1.617 = Severe

Flagstar Bank disclosed that they’ve had a data breach that impacted an estimated 1.5 million customers. The Michigan-based bank says the cyberattack occurred on Dec. 3 and Dec. 4, 2021. However, the company did not determine who was affected until June 2022. The data breach happened during Flagstar Bancorp’s acquisition by New York Community Bank. The US financial organization is headquartered in Michigan and operates over 150 branches in areas including Indiana, California, Wisconsin, and Ohio.


Individual Risk: 1.878 = Severe

The only available information about the breached data says that the Social Security numbers were exposed.

United States – ADM Associates, Inc.
Exploit: Hacking
ADM Associates, Inc.: Energy Consulting
Customers Impacted: Unknown
More Info:

Risk to Business: 2.785 = Moderate

Energy evaluation company ADM Associates has reported a data breach impacting consumers. The company said that between August and September 2021, an unauthorized individual may have accessed and acquired certain information from its systems. ADM Associates does energy research and evaluation for public utility companies. Affected individuals have been informed via letter, and the company is offering free credit monitoring.

Individual Risk: 2.831 = Moderate

Exposed information may include customer PII including names, addresses, and other identifying data, as well as sensitive financial information and Social Security numbers.

United States – Atrium Health
Exploit: Phishing
Atrium Health: Medical System
Customers Impacted: 7,000 Individuals
More Info:


Risk to Business: 1.601 = Severe

North Carolina-based Atrium Health has announced a data breach impacting 7,000 patients. The healthcare provider says that an employee at Atrium Health at Home fell victim to a phishing attack, resulting in bad actors accessing that employee’s email and messaging account in April 2021. Atrium is mailing letters to the affected patients and hasn’t determined whether the unauthorized user accessed the protected health information in the accounts.


Individual Risk: 1.733 = Severe

Patient PII that was exposed included names, addresses, dates of birth, and health insurance information. A limited number of patients may have also had their Social Security numbers, driver’s license numbers, and financial account numbers compromised in the breach.

Cybersecurity News Risk Levels

1 - 1.5 =  Extreme Risk  |  1.51 – 2.49 =  Severe Risk |  2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.  

Leaving the office behind shouldn’t mean leaving behind your cybersecurity. That’s why we offer a comprehensive cybersecurity package for remote workers. Work securely and efficiently, from the comfort of your own home, with Sentry Roam.

Learn More

Want to receive a weekly email about data breaches? Sign up below!

placeholder   placeholder   placeholder

© 2022 Digital Agent, All Rights Reserved