Massive data breach hits 230,000 Comcast customers — names, addresses and social security numbers exposed

News
By
published

This is not good

PHILADELPHIA, PA - AUGUST 18: A view of the Comcast offices on August 18, 2015 in Philadelphia, Pennsylvania. Comcast Corporation, headquartered in Philadelphia, is a global media and technology company with two primary businesses: Comcast Cable and NBCUniversal. Comcast is also a limited partner with venture capital firm Comcast Ventures and is the majority owner of the sports and entertainment company Comcast-Spectacor.
(Image credit: Cindy Ord/Getty Images for Comcast)

A recent court filing by Comcast is claiming that over 230,000 customers' personal data was affected by a data breach of a third-party debt collector that serves on behalf of Comcast.

The filing, spotted by Engadget, revealed that 237,703 customers were hit by the hack.

Way back in February of 2024, a Pennsylvania-based debt collection agency, Financial Business and Consumer Solutions (FBCS), was hit by a ransomware attack. The agency services debt collection for cable giant Comcast, and initially told Comcast that no customer data was affected in the breach. 

However, FBCS changed their tune in July when it was reported by TechCrunch that the company notified Comcast saying the personal customer information had been compromised.

According to the reports, the bad actors were able to hoover up addresses, dates of birth, ID numbers, Social Security numbers, names and Comcast account numbers. Apparently, the stolen data belongs to customers who signed up with Comcast "around 2021." Comcast claims that they no longer use FBCS for debt collection.

“From February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and some of its computers,” the filing states. “During this time, the unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack.

“From February 14 and February 26, 2024, an unauthorized party gained access to FBCS’s computer network and some of its computers. During this time, the unauthorized party downloaded data from FBCS systems and encrypted some systems as part of a ransomware attack," FBCS told Comcast according to the court filings.

At this time, it's not known who attacked FBCS' systems, with the debt collector calling them an "unauthorized actor." Apparently, over 4 million people were impacted overall by the breach, beyond just Comcast customers. The collector has said that medical claims, health insurance information and other IDing data was also stolen. 

It's disheartening that hackers targeted a debt collection agency as the people in their systems can least afford to have their information stolen or ransomed. 

More from Tom's Guide

Scott Younker
Scott Younker
West Coast Reporter

Scott Younker is the West Coast Reporter at Tom’s Guide. He covers all the lastest tech news. He’s been involved in tech since 2011 at various outlets and is on an ongoing hunt to build the easiest to use home media system. When not writing about the latest devices, you are more than welcome to discuss board games or disc golf with him.