Cyber Defense Advisors

Ransomware attack leaks social security numbers of over 230,000 Comcast customers

Graham CLULEY

October 10, 2024


Over 237,000 Comcast customers have had their sensitive personal information compromised following a ransomware attack against a third-party company.

Financial Business and Consumer Solutions (FBCS), a debt collection agency previously used by Comcast, was the subject of a ransomware attack in February 2024 that exposed a database of names, addresses, social security numbers, dates of birth, and Comcast account details.

FBCS initially informed Comcast in March 2024 that no customer data was accessed during the attack. However, FBCS admitted in July that malicious hackers had succeeded in downloading customer data during the attack, which affected more than four million people.

Other clients of FBCS, including Truist Bank, also had their customers’ information compromised, and in a data breach notification FBCS confirmed that the stolen data had included health insurance information and medical claims.

Now, some four months later, Comcast has made public that 237,703 of its customers have also been impacted by the data breach.

In its filing with Maine’s attorney general, Comcast reveals that it was a ransomware attack that resulted in the theft of data from Pennsylvania-based FBCS – a fact not shared by FBCS itself in its announcements about the breach.

“From February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and some of its computers. During this time, the unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack.”

No ransomware group appears to have claimed responsibility for the attack on FBCS.

There will understandably be concerns about the length of time it took for FBCS to inform Comcast about its security breach, and also how long it has taken for Comcast customers to learn that they are impacted.

According to Comcast, it terminated its relationship with FBCS in 2020, and the exposed information dates back to around 2021. As is common in such breaches, affected individuals are being offered identity theft protection and credit-monitoring services.

Of course, those users who have had their sensitive personal information fall into the hands of cybercriminals will be left with a bad impression of Comcast, even though it was one of Comcast’s past suppliers that appears to have actually suffered the breach.

Once again organisations are learning the hard way that it’s not just how secure your own systems are that is important, but also how well your suppliers and partners are defending against a cyber attack. At the end of the day, when the security hits the fan, your customers are likely to be left feeling that it is your brand that let them down, and not the company you entrusted with processing their data.