Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.… That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with Maine's attorney general, the firm informed the US cable giant about the unauthorized access in March. At the time, FBCS told the internet'n'telly provider that no Comcast customer information was affected. However, that changed in July, when the collections outfit got in touch again to say that, actually, the Comcast subscriber data it held had been pilfered.
Among the data types stolen were names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS. The data pertains to those registered as customers at "around 2021." Comcast stopped using FBCS for debt collection services in 2020.
Comcast made it clear its own systems, including those of its broadband unit Xfinity, were not broken into, unlike that time in 2023.
FBCS earlier said more than 4 million people had their records accessed during that February break-in.
As far as we're aware, the agency hasn't said publicly exactly how that network intrusion went down. Now Comcast is informing subscribers that their info was taken in that security breach, and in doing so seems to be the first to say the intrusion was a ransomware attack.
"Upon discovering the attack on February 26, 2024, FBCS launched an investigation with the assistance of third-party cybersecurity specialists. In the course of that investigation, FBCS discovered that the files downloaded by the unauthorized party contained personal information, including personal information about you. FBCS also notified the Federal Bureau of Investigation (FBI) of this attack."
The Reg has asked FBCS to confirm the ransomware element. The FBI declined to comment.
FBCS's official statement only attributes the attack to an "unauthorized actor." It does not mention ransomware, nor many other technical details aside from the data types involved in the theft. No ransomware group we're aware of has ever claimed responsibility for the raid on FBCS.
"FBCS notified Comcast that due to its current financial status, it would no longer able to provide notices or credit monitoring protection to individuals impacted by the incident," reads the letter to those affected. "As such, we are contacting you directly and providing support services." To read more click here.