Cyber Threat Radar – Comcast Cable Communications and Truist Bank have announced that a data breach at Financial Business and Consumer Solutions (FBCS), a debt collection agency in the United States, has led to the compromise of their customers’ personal information. The companies are in the process of informing those impacted by the incident.
The breach took place at FBCS, a company that offers debt collection services to multiple organizations. In April 2024, FBCS announced that its systems had been infiltrated by cybercriminals from February 14 to February 26, 2024. During this period, unauthorized individuals extracted sensitive data from the agency’s digital records.
4.2 million Affected By Customer Data Breach
Initially, it was estimated that 1.9 million people were affected by the breach. However, subsequent investigations uncovered that this figure rose to 3.2 million by June and further increased to 4.2 million by July. As the inquiry progresses, more companies, such as Comcast and Truist Bank, have been notified of their involvement.
Due to the financial challenges FBCS is experiencing as a consequence of the breach, the obligation to inform affected customers and manage the subsequent issues has now fallen to the companies that were indirectly affected by the incident.
Comcast was informed by FBCS in March that there was no impact on its customers due to the incident. However, on July 17, FBCS updated the telecommunications and media giant, revealing that customer data had been compromised. A report filed with authorities in Maine indicated that 273,703 Comcast customers were affected by the breach.
Attackers Accessed Customer Data
A communication dispatched to Comcast customers indicated that the attackers had accessed information such as names, addresses, Social Security numbers, dates of birth, and internal account identifiers from both Comcast and FBCS systems. Additionally, the communication noted that FBCS had not discovered any evidence indicating that the compromised data had been used inappropriately thereafter.
Truist Bank has also started notifying its customers about the FBCS breach. The US-based financial institution dispatched letters to those affected in mid-September, and a copy of the correspondence was submitted to authorities in California. As stated in Truist Bank’s communication to customers, the nature of the compromised data differed among individuals, potentially encompassing names, addresses, account numbers, dates of birth, and Social Security numbers.
Truist Bank operates over 2,700 branches in 15 states and employs a workforce of 40,000. As a result, the potential impact of the breach may affect a significant number of customers, although the precise number has not been revealed.
Patented Protection Against Infostealer Malware
“In light of the FBCS customer data breach, SentryBay stands ready to help businesses with their cyber defense postures,” said Liam Davenport, Enterprise Cybersecurity Solutions Director, SentryBay. “SentryBay’s Armored Client solution is the OEM at the heart of Citrix App Protection, and is now proven protection against infostealer malware for Microsoft AVD and W365 endpoints. The technology utilises endpoint access isolation in a manner which does not impact on performance and includes Keylogging and Screen Capture protection.”