Comcast warns that hackers stole the personal data of more than 230,000 customers during a ransomware attack on a third-party debt collector. according to a court file. Bad actors targeted a Pennsylvania-based debt collection agency called Financial Business and Consumer Solutions (FBCS).
The attack occurred in February, but Comcast claims that FBCS initially said the incident did not involve any customer data. FBCS changed its tune in July, when it notified Comcast that customer information had been compromised. according to reports from TechCrunch.
In total, 237,703 subscribers were affected by the breach. The attackers were thorough, collecting names, addresses, Social Security numbers, dates of birth, Comcast account numbers and identification numbers. Comcast says the stolen data belongs to customers who signed up with the company “around 2021.” It also says it has stopped using FBCS for debt collection purposes.
“From February 14 to February 26, 2024, an unauthorized party gained access to FBCS's computer network and some of its computers,” the document states. “During this time, the unauthorized party downloaded data from the FBCS systems and encrypted some systems as part of a ransomware attack.”
No group has stepped forward to claim credit for the incident. FBCS has only referred to the attacker as an “unauthorized actor.” The debt collection agency was hit hard by this attack, and Comcast customers were just one group of victims. The company claims that more than four million people were affected and that cybercriminals accessed medical claims and health insurance information in addition to standard identification data.
To do this, the medical debt acquiring company CF Medical confirmed that 600,000 of its clients were involved in the breach. Truist Bank also confirmed that it was affected by the attack.
It is noteworthy that this incident mainly affects debtors, exposing them to possible scams. Chris Hauk, consumer privacy advocate at Pixel Privacytold Engadget that “bad actors who obtain this information can use it to impersonate debt relief agencies, which many turn to as a way out of their situation, meaning that many of the debtors involved can be defrauded with large sums of money, something they can hardly afford.”
In other words, be on the lookout for suspicious phone calls, emails, and text messages. This is good advice for anyone, and not just debtors who had data stored in FBCS. After all, it was revealed that hackers stole more than 2.7 billion American consumer records earlier this year, which likely includes data on everyone living in the country.
