Comcast warned that hackers stole personal data from more than 230,000 customers during a ransomware attack on a third-party debt collector, according to a court filing. The hackers targeted a Pennsylvania-based debt collection agency called Financial Business and Consumer Solutions (FBCS).
The attack happened in February, but Comcast claims FBCS initially said no customer data was involved in the incident. FBCS changed its stance by July, when it notified Comcast that customer information had been compromised, TechCrunch reports.
In total, 237,703 customers were affected by the breach. The attackers stole names, addresses, Social Security numbers, dates of birth, Comcast account numbers, and ID numbers. Comcast says the stolen data belonged to customers who signed up with the company “around 2021.” It also said it has stopped using FBCS for debt collection.
“Between February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and certain of its computers,” the filing said. “During this time, the unauthorized party downloaded data from FBCS systems and encrypted certain systems as part of a ransomware attack.”
No group has come forward to take credit for the incident. FBCS has referred to the attacker only as an “unauthorized actor.” The attack caused massive losses for the debt collection agency, with Comcast customers being just one group of victims. The company says more than four million people were affected and that cybercriminals accessed medical claims and health insurance information in addition to standard identity data.
In this regard, medical debt-buying company CF Medical confirmed that 600,000 of its customers were involved in the breach. Truist Bank also confirmed that it was affected by the attack.
It’s worth mentioning that this incident primarily affects debtors, leaving them open to potential scams.
Chris Hawk, consumer privacy advocate at Pixel Privacy, told Engadget that “bad guys who get their hands on this information could use it to impersonate debt relief agencies, which many people use to get out of their situation, meaning many of the debtors involved could be duped of large sums of money they can’t afford.”
In other words, keep an eye out for suspicious phone calls, emails, and texts. This is good advice for everyone, not just debtors whose data was stored with FBCS. After all, it was revealed that hackers stole more than 2.7 billion records from US consumers earlier this year, which potentially includes data on everyone living in the country.