Ransomware attack affects 237,000 Comcast customers

North American telecommunications giant Comcast, as well as Truist Bank and Capio & CF Medical are the latest companies to be hit by a data breach, but it is not their fault. The data breach stems from the Financial Business and Consumer Solutions (FBCS) breach in February. About 237,000 Comcast customers’ personal information was exposed, including people’s names, addresses, Social Security numbers, dates of birth, as well as Comcast account and identification numbers.

RECEIVE SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Ransomware attack affects 237,000 Comcast customers

Comcast is a major cable and Internet provider. (Comcast)

What you need to know

A data breach exposed the names, addresses, Social Security numbers and dates of birth of more than 237,700 Comcast customers, according to a report. filing with the state of Maine on Fridayas reported by BeepingComputer. The breach stems from a security incident at Financial Business and Consumer Solutions (FBCS), a Pennsylvania-based debt collection agency formerly used by Comcast.

FBCS first informed Comcast in March that the security incident did not involve any customer data. However, in July, FBCS notified the telecommunications giant that its customer data had, in fact, been compromised, stating that a “Unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack.”

The stolen data belongs to customers who signed up “around 2021,” Comcast says, adding that it stopped using FBCS for debt collection in 2020. FBCS has not yet shared the details of its security incident, but the document from Comcast confirms it was ransomware. attack, a type of cyberattack in which hackers retain data and demand a ransom to delete or return it.

Ransomware following data breaches is becoming more common. (Kurt “CyberGuy” Knutsson)

LARGEST FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS

The FBCS attack that started it all

As I reported in June, the The FBCS cyber attack happened on February 14 when hackers accessed the company’s systems. FBCS did not realize there was a breach until February 26, and when it did, it described the incident as “unauthorized access to certain systems on its network.”

Initially, the company estimated that around 1.9 million people were affected, but that number jumped to 4 million by June 2024. The data breach leaked a huge amount of consumer information, including full names, Social Security numbers , dates of birth and driver’s license or identification document. card numbers.

As FBCS provides services to several companies, its customers’ data was mixed up in the leak. So even if you have nothing to do with FBCS, your information could still be out there. Along with Comcast, Truist Bank – one of the largest banks in the US – and CF Medical, a medical debt buying company known as Capio, were also affected. As a result of this incident, Comast is offering one year of credit monitoring to affected customers.

HERE’S WHAT RUCHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

6 ways to protect yourself from data breaches

If you were affected by the Comcast breach, follow these steps to protect your personal data and privacy.

1) Invest in identity theft protection: If you think your personal data has been leaked, scammers may try to impersonate you to gain access to your private information. The best thing you can do to protect yourself from this type of fraud is to subscribe to an identity theft service.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or used to open an account. They can also help you freeze your bank and credit card accounts to prevent unauthorized use by criminals. See my tips and top picks on how to protect yourself from identity theft.

2) Place a fraud alert: If you suspect you are a victim, contact the three major credit reporting agencies (Equifax, Experian, or TransUnion) and request that a fraud alert be placed on your credit file. This will make it harder for identity thieves to open new accounts in your name without verification. Comcast is offering a year of free credit monitoring to those who may have been affected by data breach response company CyEx.

3) Be careful with phishing attempts: Be alert for emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request. The best way to protect yourself against malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for 2024’s best antivirus protection winners for your Windows, Mac, Android, and iOS devices.

4) Check Social Security benefits: It is essential to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

5) Be careful with traditional mail: With all the data breaches happening, it’s more important than ever to keep an eye on your physical mail. Hackers can obtain confidential information and this can lead to identity theft or fraud. Keep an eye out for unexpected letters or packages, especially if they ask for personal information or seem suspicious.

6) Invest in a data removal service: Consider using a data removal service that specializes in removing your personal information from online databases and people search sites. These services can help reduce your digital footprint and make it harder for identity thieves to access your information. By proactively removing your data from public view, you can increase your privacy and security after a breach like the one suffered by Comcast.

These services do all the work for you, actively monitoring and systematically deleting your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to delete your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing breach data with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here .

WORLD’S LARGEST STOLEN PASSWORD DATABASE SUBMITTED TO CRIMINAL FORUM

Kurt’s main lesson

The FBCS data breach affected Comcast, Truist, and CF Medical, and those are just the names we know of. The total number of affected users is over four million, which means we could hear about more companies whose customer data was leaked due to FBCS. Since this is a ransomware attack, FBCS may have to pay hackers a hefty ransom to recover data or delete it; otherwise, it could end up in the hands of dark web scammers and other data aggregators.

Do you think companies like FBCS should be held accountable for breaches that affect their clients’ customers? Let us know by writing to Cyberguy.com/Contato.

For more tech tips and security alerts, subscribe to my free CyberGuy Report newsletter by going to Cyberguy.com/Newsletter.

Ask Kurt a question or tell us what stories you’d like us to cover .

Follow Kurt on his social channels:

Answers to CyberGuy’s most frequently asked questions:

Kurt news:

Kurt “CyberGuy” Knutsson is an award-winning technology journalist who has a deep love for technology, gear and gadgets that make life better with his contributions to Fox News and FOX Business starting mornings on “FOX & Friends.” Have a technical question? Get Kurt’s free CyberGuy newsletter, share your voice, a story idea or comment at CyberGuy.com.