U.S. telecom big Comcast has warned that cybercriminals stole the non-public knowledge of greater than 230,000 prospects throughout a ransomware assault on a third-party supplier of debt assortment companies.
The breach pertains to a February cyberattack on Monetary Enterprise and Shopper Options (FBCS), a Pennsylvania-based debt assortment company utilized by Comcast.
In a submitting with Maine’s legal professional common on Friday, Comcast mentioned that FBCS initially informed the corporate in March that the safety incident concerned no Comcast buyer knowledge. Later in July, FBCS notified Comcast that its buyer knowledge had the truth is been compromised.
Comcast says that 237,703 subscribers are affected by the information breach, with hackers accessing their names, addresses, Social Safety numbers, dates of start, and Comcast account numbers and ID numbers.
The stolen knowledge belongs to these registered as prospects at “round 2021,” Comcast says, including that the corporate stopped utilizing FBCS for debt assortment in 2020.
FBCS has not but revealed the character of its safety incident however Comcast’s submitting confirms it was a ransomware assault.
“From February 14 and February 26, 2024, an unauthorized social gathering gained entry to FBCS’s laptop community and a few of its computer systems,” the submitting states. “Throughout this time, the unauthorized social gathering downloaded knowledge from FBCS programs and encrypted some programs as a part of a ransomware assault.”
The incident has not but been claimed by any main ransomware group and FCEB beforehand blamed an “unauthorized actor” for the assault.
FCEB didn’t reply to TechCrunch’s questions.
In a submitting with Maine’s legal professional common earlier this yr, FBCS confirmed that greater than 4 million individuals had their private data accessed through the February cyberattack. It’s not identified what number of of FBCS’ prospects have been affected, however the group mentioned in its knowledge breach discover that, in some circumstances, the attackers accessed medical claims and medical insurance data.
CF Medical, a medical debt-purchasing firm that goes by the commerce title Capio, has confirmed it was among the many organizations that noticed buyer well being data stolen because of the FBCS breach. In September, CF Medical mentioned greater than 620,000 people had private and well being data stolen.
Truist Financial institution — one of many largest banks in the USA — additionally confirmed it was affected by the incident, as lately filed with California’s legal professional common. It’s not but identified what number of of Truist Financial institution’s 10 million prospects have been affected, however the banking big warned that the attackers accessed names, addresses, account numbers, dates of start, and Social Safety numbers.
