The company has agreed to pay a $1.5 million fine to settle a Federal Communications Commission investigation into a data breach that exposed personal information from over 237,000 customers.
Reuters reports that the FCC announced the settlement on Monday, ending an investigation into how the company’s vendor mishandled customer data.
The breach occurred at Financial Business and Consumer Solutions (FBCS), a debt collection agency that Comcast used until 2022.
What Happened: The FBCS Breach
FBCS suffered a data breach in 2024 that compromised personal information belonging to Comcast internet, TV, and home security customers.
The breach was publicly disclosed in August 2024. However, the company had already filed for financial collapse before the incident came to light.
Under the settlement agreement, Comcast must implement a comprehensive compliance plan designed to strengthen vendor oversight practices.
The new requirements focus specifically on protecting customer privacy and ensuring information security across all third-party vendors that handle sensitive data. This step aims to prevent similar incidents from occurring in the future.
Comcast stated that it was not responsible for the breach and has not admitted any wrongdoing. The company emphasized that its own systems were not compromised during the incident.
Comcast said FBCS was required to follow strict security standards and meet all vendor security rules, Reuters reported. Despite this, the company acknowledged the importance of the settlement in moving forward.
“We remain committed to continually strengthening our cybersecurity policies and protections to safeguard customer data,” Comcast said in a statement.
Reuters expressed its dedication to maintaining robust security measures that protect its millions of customers.
The settlement shows that regulators are paying closer attention to how big telecom companies handle customer data through outside vendors.
With data breaches becoming increasingly common, regulators like the FCC are imposing stricter requirements on companies to oversee their vendors’ security practices.
This case serves as a reminder that companies remain accountable for protecting customer information, even when a breach occurs at an external vendor.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
