Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label FBCS. Show all posts
Personal Information
comcast Data Breach FBCS Identity Theft Personal Information

Comcast Data Breach Impacts Thousands, Sensitive Information Compromised

 



Comcast Cable Communications LLC reports that it is a victim of a data breach compromising personal information of more than 237,000 individuals, including 22 residents of Maine. According to an investigation, the breach is traced back to Financial Business and Consumer Solutions, Inc., a third-party with which Comcast has associated in the past.

The data breach began on February 14, 2024, when an unauthorised third party gained access to FBCS's computer network. Access to this unauthorised party had led to a ransomware attack where cybercriminals downloaded and encrypted sensitive data. Initially, on March 13, 2024, FBCS had communicated to Comcast that customer information did not appear to have been compromised. However, months later, on July 17, 2024, it came to be known that sensitive customer data had indeed been affected.


New Comcast Hacking Findings

As soon as the breach was discovered, FBCS reached out to the FBI and hired some private cybersecurity firms to comprehend the full dimension of the breach. The investigation revealed names, addresses, Social Security numbers, birth dates, and Comcast account numbers accessed. The acquired information is of a very sensitive nature that encompasses substantial risk factors for identity theft and even financial frauds.

Still, FBCS has maintained that, to date, there is nothing known to be ill-gotten from the stolen data. Only the records starting 2021 are affected, as in 2020, FBCS terminated its contract with Comcast.


Support for Victims

Comcast began notifying the victims on 16 August 2024 and is providing them with free identity theft protection for 12 months. Comcast is partnering with CyEx Identity Defense Complete for credit monitoring and additional support services.

The notification stated that the breach had occurred only in FBCS systems and was unrelated to Comcast's networks themselves. To reach out to the affected customers, the company, Comcast, geared efforts towards helping them manage the fallout of the breach. It provided direct communication and access to a support service. Outside legal counsel for Comcast, Michael Borgia noted, "We are committed to helping our customers navigate the aftermath of this incident and ensuring they have the resources necessary to protect themselves."

Watching Your Back: Protection of Consumer Data End

The Comcast breach highlights the kinds of current risks facing consumers whose data is managed by third-party vendors. In response to this, Comcast is counselling its consumers to be on their guard. Protecting measures include: reviewing account statements for suspicious transactions, reviewing credit reports, and registering for the identity protection services Comcast is offering. Moreover, Comcast is suggesting the enabling of two-step verification for Xfinity accounts in order to increase security to its fullest potential.

This incident underlines the critical need to protect information while ensuring greater caution with regard to personal information in light of more prudent cyber attacks.



Read more »
Ransomware attack
comcast Comcast data breach Customer Information Data Breach data security Data Theft debt collector FBCS Ransomware attack

Comcast Data Breach: Over 237,000 Customers’ Information Stolen in Cyberattack on Debt Collector

 

Comcast has confirmed that sensitive data on 237,703 of its customers was stolen in a cyberattack on Financial Business and Consumer Solutions (FBCS), a debt collection agency it previously worked with. The breach, which occurred in February 2024, involved unauthorized access to FBCS’s computer systems, resulting in the theft of customer data, including names, addresses, Social Security numbers, and Comcast account information. Although Comcast was initially assured that none of its customers were affected by the breach, FBCS later revealed that the data had indeed been compromised. 

The breach unfolded between February 14 and February 26, 2024. During this period, the attackers downloaded sensitive data and encrypted some systems as part of a ransomware attack. FBCS launched an investigation upon discovering the breach and involved third-party cybersecurity specialists to assess the damage. However, it wasn’t until July 2024 that FBCS contacted Comcast again, informing the company that its customer data had been part of the stolen records. Comcast acted promptly upon receiving this updated information, notifying its affected customers in August and offering support services such as identity and credit monitoring. This move came after FBCS informed Comcast that, due to its current financial difficulties, it could not provide the necessary protection services for those affected. 

Comcast has stepped in to offer these services directly to its customers. The breach exposed not just Comcast’s customers but also a broader group of individuals, with FBCS initially revealing that over 4 million records had been compromised. The exact method of the breach and how the attackers infiltrated FBCS’s systems remain unclear, as FBCS has not disclosed specific technical details. Additionally, no ransomware group has claimed responsibility for the attack, leaving the full scope of the incident somewhat shrouded in mystery. Comcast has made it clear that its own systems, including those of its broadband and television services, were not affected by the breach. The data stolen from FBCS pertains to customers who were registered around 2021, and Comcast had ceased using FBCS for debt collection services by 2020. 

Nevertheless, this breach highlights the risks that third-party service providers can pose to customer data security. In the aftermath, this incident serves as a reminder of the growing threat posed by cyberattacks, particularly ransomware, which has become a common tactic for malicious actors. As companies increasingly rely on third-party vendors for services such as debt collection, the need for stringent security measures and oversight becomes even more critical. Comcast’s experience shows how quickly situations can evolve and how third-party vulnerabilities can directly impact a company’s customers. While Comcast has taken steps to mitigate the damage from this breach, the case of FBCS raises important questions about the security practices of third-party service providers. 

As data breaches become more frequent, customers may find themselves at risk from vulnerabilities in systems beyond the companies with which they interact directly.
Read more »
SSNs
Data Breach FBCS Financial Sector phishing Sensitive data SSNs

FBCS Data Breach Affects 4.2 Million Americans


 


Financial Business and Consumer Solutions (FBCS), a debt collection agency, has announced that a data breach in February 2024 has now affected 4.2 million people in the U.S. This is a drastic rise from previous reports and underscores the growing impact of the breach.

Initially, in April, FBCS reported that 1.9 million individuals had their sensitive information compromised due to a breach on February 14, 2024. In May, this number was revised upward to 3.2 million. Recently, a new notice filed with the Office of the Maine Attorney General increased the total number of affected individuals to 4,253,394.

Types of Compromised Data

The breached information varies per person but includes highly sensitive data such as full names, Social Security Numbers (SSNs), birth dates, account information, and driver’s licence or ID card numbers. This level of data exposure poses serious risks of identity theft and fraud.

Company's Response and Notifications

Starting July 23, FBCS began notifying the additional people impacted by the breach. These notifications warn recipients about the increased risk of phishing and fraud attempts. The company is also offering free 24-month credit monitoring and identity restoration services through CyEx to help those affected.

Details of the Breach

The breach was discovered by FBCS on February 26, 2024, when the company detected unauthorised access to specific systems within its internal network. Despite the severity of the incident, FBCS has not disclosed detailed information about the nature of the attack or identified any individuals or groups responsible for the breach. The company has assured that the unauthorised access was confined to its internal systems and did not extend to computer systems outside its network. So far, no ransomware gangs have claimed responsibility for the breach, leaving the exact methods and perpetrators of the attack unknown.

FBCS advises those affected to remain vigilant against phishing attempts designed to steal more personal information. It is also recommended that individuals closely monitor their credit reports for any signs of fraudulent activity or unauthorised loans, as the exposed information could be used for identity theft.

This FBCS data breach helps us see vulnerabilities in a fresh light within the financial sector. As FBCS works to manage the repercussions, it is crucial for affected individuals to take protective measures to safeguard their personal information and mitigate potential risks.


Read more »
Subscribe to: Posts (Atom)