Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.
That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with Maine’s attorney general, the firm informed the US cable giant about the unauthorized access in March. At the time, FBCS told the internet’n’telly provider that no Comcast customer information was affected.
However, that changed in July, when the collections outfit got in touch again to say that, actually, the Comcast subscriber data it held had been pilfered.
Among the data types stolen were names, addresses, Social Security numbers, dates of birth, and the Comcast account numbers and ID numbers used internally at FBCS. The data pertains to those registered as customers at “around 2021.” Comcast stopped using FBCS for debt collection services in 2020.
Comcast made it clear its own systems, including those of its broadband unit Xfinity, weren’t broken into, unlike that time in 2023.
FBCS earlier said more than 4 million people had their records accessed during that February break-in.
As far as we’re aware, the agency hasn’t said publicly exactly how that network intrusion went down. Now Comcast is informing subscribers that their info was taken in that security breach, and in doing so appears to be the first to say the intrusion was a ransomware attack.
In a letter to affected customers, Comcast said FBCS had provided it the following information: “From February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and some of its computers. During this time, the unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack.
“Upon discovering the attack on February 26, 2024, FBCS launched an investigation with the assistance of third-party cybersecurity specialists. In the course of that investigation, FBCS found that the files downloaded by the unauthorized party contained personal information, including personal information about you. FBCS also notified the Federal Bureau of Investigation (FBI) of this attack.”
The Reg has asked FBCS to confirm the ransomware element. The FBI declined to comment.
FBCS’s official statement only attributes the attack to an “unauthorized actor.” It doesn’t mention ransomware, nor many other technical details aside from the data types involved in the theft. No ransomware group we’re aware of has ever claimed responsibility for the raid on FBCS.
When we asked Comcast about the ransomware, it simply referred us back to the customer notification letter.
The cableco used that notification to send another small middle finger FBCS’s way, slyly revealing that the agency’s financial situation prevents it from offering the usual identity and credit monitoring protection for those affected, so Comcast is having to foot the bill itself.
“FBCS notified Comcast that due to its current financial status, it would not be able to provide notices or credit monitoring protection to individuals impacted by the incident,” reads the letter to those affected. “As such, we’re contacting you directly and providing support services.”
We also asked FBCS to comment on this element of the notification. So far, the agency is staying silent.
Comcast sent letters to affected customers in August, although the notification was made public by the US state of Maine only this week.
CF Medical also filed a similar breach notification to Comcast’s in late September, saying FBCS only discovered its customers were affected in July.
CF Medical is the trade name for Capio, another debt collection agency, which used to be a customer of FBCS. It stated that 626,396 of its customers were affected, although the letter didn’t mention ransomware nor FBCS’s financial inability to provide credit monitoring services in the same way Comcast’s letter did.
The Reg also asked FBCS whether it expects many more notifications to be made since it alerted former clients of affected data in July. ®