Comcast is under hot waters for a massive data breach that exposed the personal details of over 230,000 customers, and the compromised information included sensitive data such as name, social security number, and addresses. The company confirmed the data leak occurred due to a third-party debt collection company and is the second time in a row that customers' personal details have been compromised. Even though the company has initiated necessary protocols for informing and protecting its customers, it still raises some serious concerns about potential exploitation, especially regarding identity theft and fraud.
Comcast confirms another major data breach that occurred within a year and has impacted over 230,000 users
Comcast has been facing immense pressure for exposing sensitive customer information of over 230,000 customers, including names, social security numbers, addresses, and birth dates. The source of the breach is a third-party debt collection agency, Financial Business and Consumer Solutions (FBCS), with which the company had previously worked.
As highlighted by TechCrunch, in a recent filing with Maine's attorney general, Comcast informed about the data breach by FBCS that compromised data of 237,703 subscribers and went on to state that the third-party agency in March told the company about a ransomware attack that took place but confirmed no Comcast customers were involved. Later in July, FBCS let Comcast know that its customers' data had, in fact, been compromised.
Comcast said the breached data includes customer information from around 2021, as the company stopped using FBCS services in 2020. Truist Bank is one of the largest banks in the U.S., and they said that issue extended to their customers as their information was also compromised. FBSC is yet to give more details on the nature of the security incident, but Comcast, in its filing, stated it was a ransomware attack. The filing states:
From February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and some of its computers. During this time, the unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack.
This is not the first time Comcast has allowed customer data to be exposed, as previously, a security vulnerability led to users' personal information being hacked into and accounted for a big data breach. Given the adverse impact of such vulnerabilities, companies should proactively work on protecting user information not only for their systems but also for any partners onboard to avoid losing customers and potentially paving the way for identity theft and fraud.
