Comcast Cable Communications and Truist Financial institution have disclosed they had been impacted by an information breach at FBCS, and are actually informing their respective clients that their information has been compromised.
The case issues an information breach at Monetary Enterprise and Shopper Options (FBCS), a debt assortment company within the U.S. that companions with numerous corporations to gather unpaid money owed on their behalf.
Final April this 12 months, FBCS knowledgeable of an information breach decided to have occurred between February 14 and February 26, 2024, when risk actors breached its community and stole the next particulars from its digital data:
- Full title
- Social Safety Quantity (SSN)
- Date of start
- Account data
- Driver’s license quantity or ID card
The info breach was initially believed to have impacted 1.9 million folks, however subsequent findings upped the tally to three.2 million in June and, lastly, 4.2 million people in July.
The inner investigation into the incident seems to be ongoing, as FBCS just lately knowledgeable extra entities that they’d been impacted, together with Comcast and Truist.
Additionally, it’s now made identified that as a consequence of FBCS’s worsening monetary place, presumably a direct results of the breach, entities not directly impacted by the incident must undertake the notification and remediation processes themselves.
Comcast information uncovered
Comcast says FBCS assured them in March that the safety incident impacted no buyer information. Nonetheless, on July 17, FBCS notified Comcast that its buyer information was additionally impacted.
In line with a discover submitted to the Maine authorities, 273,703 Comcast clients had been impacted by the breach.
“FBCS’s investigation found that recordsdata downloaded by the unauthorized celebration included your title, deal with, Social Safety quantity, date of start, and your Comcast account quantity and ID numbers used internally at FBCS,” reads the notification despatched to impacted clients.
“FBCS states that it has no indication that any private data compromised throughout this incident has been additional misused.”
Impacted folks got 12 months of free-of-charge identification theft safety companies, with activation directions enclosed.
Truist Financial institution additionally impacted
In associated information, Truist Financial institution, one of many largest banks in the USA, additionally despatched notices of an information breach to its clients linked to the FBCS incident.
The letters had been despatched out in mid-September, however a pattern was submitted extra just lately to the Californian authorities.
“FBCS has indicated that the kind of data which will have been impacted varies per individual and will embrace client title, deal with, account quantity, date of start and Social Safety quantity,” disclosed Belief Financial institution.
Truist operates over 2,700 branches throughout 15 states and employs 40,000 folks. As such, the variety of impacted folks may very well be important, although it has not been specified.
BleepingComputer emailed Truist to study what number of of its clients had been impacted by this incident, however a remark wasn’t instantly out there.
In the meantime, final June, Truist Financial institution confirmed a separate breach that reportedly occurred in October 2023 after a risk actor leaked stolen information on a hacking discussion board.