Comcast Cable Communications and Truist Financial institution have disclosed they have been impacted by a knowledge breach at FBCS, and at the moment are informing their respective prospects that their knowledge has been compromised.
The case considerations a knowledge breach at Monetary Enterprise and Client Options (FBCS), a debt assortment company within the U.S. that companions with numerous corporations to gather unpaid money owed on their behalf.
Final April this 12 months, FBCS knowledgeable of a knowledge breach decided to have occurred between February 14 and February 26, 2024, when menace actors breached its community and stole the next particulars from its digital data:
- Full title
- Social Safety Quantity (SSN)
- Date of beginning
- Account info
- Driver’s license quantity or ID card
The info breach was initially believed to have impacted 1.9 million individuals, however subsequent findings upped the tally to three.2 million in June and, lastly, 4.2 million people in July.
The interior investigation into the incident seems to be ongoing, as FBCS lately knowledgeable extra entities that they’d been impacted, together with Comcast and Truist.
Additionally, it’s now made identified that resulting from FBCS’s worsening monetary place, presumably a direct results of the breach, entities not directly impacted by the incident must undertake the notification and remediation processes themselves.
Comcast knowledge uncovered
Comcast says FBCS assured them in March that the safety incident impacted no buyer knowledge. Nonetheless, on July 17, FBCS notified Comcast that its buyer knowledge was additionally impacted.
In response to a discover submitted to the Maine authorities, 273,703 Comcast prospects have been impacted by the breach.
“FBCS’s investigation found that recordsdata downloaded by the unauthorized social gathering included your title, handle, Social Safety quantity, date of beginning, and your Comcast account quantity and ID numbers used internally at FBCS,” reads the notification despatched to impacted prospects.
“FBCS states that it has no indication that any private info compromised throughout this incident has been additional misused.”
Impacted individuals got 12 months of free-of-charge identification theft safety providers, with activation directions enclosed.
Truist Financial institution additionally impacted
In associated information, Truist Financial institution, one of many largest banks in the US, additionally despatched notices of a knowledge breach to its prospects linked to the FBCS incident.
The letters have been despatched out in mid-September, however a pattern was submitted extra lately to the Californian authorities.
“FBCS has indicated that the kind of info that will have been impacted varies per particular person and should embody client title, handle, account quantity, date of beginning and Social Safety quantity,” disclosed Truist Financial institution.
Truist operates over 2,700 branches throughout 15 states and employs 40,000 individuals. As such, the variety of impacted individuals might be vital, although it has not been specified.
BleepingComputer emailed Truist to be taught what number of of its prospects have been impacted by this incident, however a remark wasn’t instantly obtainable.
In the meantime, final June, Truist Financial institution confirmed a separate breach that reportedly occurred in October 2023 after a menace actor leaked stolen knowledge on a hacking discussion board.