A data breach has impacted more than 237,000 Comcast customers, exposing their personal information such as names, addresses, Social Security numbers, dates of birth, and Comcast account numbers.
The breach occurred at Financial Business and Consumer Solutions (FBCS), a third-party debt collection agency previously used by Comcast.
According to a filing with the Maine attorney general’s office, FBCS notified Comcast in March 2024 that the breach impacted no Comcast customer data. However, on July 17, 2024, FBCS informed Comcast that its customer data had been compromised.
The breach occurred between February 14 and February 26, 2024, when an unauthorized party accessed FBCS’s computer network and downloaded sensitive information. The attackers also encrypted some systems as part of a ransomware attack.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
Comcast has stated that the breach occurred entirely at FBCS and not at Xfinity or on Comcast systems. The company has also emphasized that it stopped using FBCS’s services in 2020 and that the compromised information dates back to around 2021.
The stolen data includes:
- Names
- Addresses
- Social Security numbers
- Dates of birth
- Comcast account numbers
- ID numbers used internally at FBCS
FBCS has indicated that there is no evidence suggesting that any personal information compromised during this incident has been further misused.
In response to the breach, Comcast is offering complimentary identity theft protection services for at least 12 months through membership in CyEx Identity Defense Complete, which includes credit monitoring services.
The company is also working with FBCS to understand how the incident occurred and to notify affected individuals and appropriate governmental authorities.
Customers are advised to remain vigilant for incidents of fraud or identity theft by reviewing their account statements and free credit reports for any unauthorized activity.
Comcast also encourages customers to sign up for two-step verification and be alerted for unusual or suspicious emails or telephone calls.
This breach is part of a larger incident that affected over 4.2 million individuals, including customers of Truist Bank and other organizations that used FBCS’s services.
Strategies to Protect Websites & APIs from Malware Attack => Free Webinar