The cyberattack took place in February 2024

Comcast says data of 230,000 customers stolen in ransomware attack

By Dwaipayan Roy

Oct 07, 2024

07:49 pm

---

What's the story

US telecommunications giant, Comcast, has warned about a major data breach.

The incident took place during a ransomware attack on Financial Business and Consumer Solutions (FBCS), a third-party debt collection agency that was once used by Comcast.

The breach led to the theft of personal information of over 230,000 customers who were registered around 2021.

Information leak

Initial denial and subsequent confirmation

The cyberattack on FBCS occurred in February 2024.

Initially, in March, FBCS assured Comcast that no customer data was compromised during the security incident.

However, by July, FBCS had to admit that Comcast's customer data had indeed been breached.

The compromised information includes names, addresses, Social Security numbers, dates of birth as well as Comcast account and ID numbers.

Service termination

Comcast ceased using services in 2020

The exact nature of the security incident at FBCS remains undisclosed. However, Comcast's filing with Maine's Attorney General said it was a ransomware attack.

The filing stated, "An unauthorized party gained access to FBCS's computer network and some of its computers" between February 14 and February 26, 2024.

Widespread impact

FBCS breach impacts over 4 million people

The FBCS data breach had a far-reaching impact, affecting over four million people. In some cases, attackers even accessed medical claims and health insurance information.

CF Medical, a medical debt-purchasing company (also known as Capio), confirmed that customer health information was stolen due to the FBCS breach.

In September 2024, CF Medical reported that personal and health information of over 620,000 individuals had been stolen.

Bank breach

Truist Bank also affected by FBCS data breach

Truist Bank, one of the biggest banks in the US, has also confirmed its impact from the FBCS data breach.

The bank has not revealed how many of its 10 million customers were affected. However, it warned that attackers accessed names, addresses, account numbers, dates of birth as well as Social Security numbers.

This further underscores the severity and wide-reaching consequences of the ransomware attack on FBCS.