Comcast Cable Communications LLC has confirmed a data breach that has impacted over 237,000 individuals, including 22 residents of Maine. This Comcast data breach was linked to Financial Business and Consumer Solutions, Inc. (FBCS), a third-party service provider.
The chain of events leading to the data breach at Comcast began on February 14, 2024, when an unauthorized party accessed the FBCS computer network. This cyberattack on Comcast resulted in the downloading and encryption of sensitive data during a ransomware attack. Initially, on March 13, 2024, FBCS informed Comcast that no consumer data had been compromised.
However, a startling revelation occurred on July 17, 2024, when FBCS notified Comcast that customer data had indeed been affected.
New Details on the Comcast Data Breach
Following the incident, FBCS reported the breach to the Federal Bureau of Investigation (FBI) and sought the assistance of third-party cybersecurity specialists to investigate the extent of the compromise. The findings confirmed that personal information had been downloaded by the unauthorized party.
According to the investigation, the information acquired during the Comcast cyberattack included critical personal identifiers such as names, addresses, Social Security numbers, dates of birth, and Comcast account numbers. This information is not only sensitive but also poses a significant risk for identity theft and fraud.
FBCS noted that while they have no evidence suggesting that the compromised information has been misused, the potential for harm remains a serious concern for those affected. The data involved dates back to approximately 2021, as FBCS retained records for a period after their partnership with Comcast ended in 2020.
Notification and Support for Affected Individuals
On August 16, 2024, Comcast began notifying individuals affected by the breach through written communications. The company is providing complimentary identity theft protection services for 12 months, partnering with CyEx Identity Defense Complete to offer credit monitoring and additional support.
In the notification letter, Comcast emphasized that the security incident occurred solely at FBCS and did not involve Comcast’s systems. However, to ensure consumer safety, Comcast has taken steps to assist those impacted by the breach, including direct communication and support services.
Michael Borgia, an attorney with Davis Wright Tremaine LLP and outside counsel for Comcast, stated, “We are committed to helping our customers navigate the aftermath of this incident and ensure that they have the resources necessary to protect themselves.”
Conclusion
The Comcast data breach highlights the vulnerability of consumer data, particularly when it is managed by third-party vendors. Consumers are advised to take precautionary measures in response to the breach. Comcast encourages individuals to review their account statements, monitor their credit reports for unauthorized activity, and consider enrolling in the offered identity theft protection services. Additionally, customers should implement two-step verification for their Xfinity accounts to enhance security.