More Than 230,000 Comcast Customer’s Data Leaked In a Ransomware Attack
- In a recent filing with Maine's attorney general, Comcast revealed that the data of more than 237,703 users had been leaked in a ransomware attack.
- The attack originally hit FBCS (a debt collection service) that Comcast used until 2020.
- No ransomware group has claimed responsibility for the attack yet.
More than 237,703 Comcast customers' data have been stolen during a third-party ransomware attack, the telecom giant revealed in an October 4th filing with Maine's attorney general.
The attack took place between February 14 and February 26, 2024, and Comcast was first notified of the breach in March 2024 by the Financial Business and Customer Solutions (FBCS) - a third-party debt collection service where the attack took place.However, initially, the FBCS told the company that no Comcast data was involved in the security incident. But then later in July, it notified the company that its data had indeed been compromised.
Compromised data includes
- Names and addresses
- Social security numbers
- Dates of birth
- Comcast account numbers
- ID numbers
Although the company stopped using FBCS as a debt collection service in 2020, the stolen data belongs to people registered as customers around 2021.
How Did the Attack Happen?Not much is known about the nature or the methodology of the attack. No ransomware group has claimed responsibility for the attack either.
All that we know is that during February, an unauthorized party gained access to FBCS's network, managed to download some data from its system, and encrypted some other parts of the system as part of the attack.
The overall hit on FBCS was much worse:
- In its own filing, the company revealed that more than 4 million of its users' data were accessed during the attack. How many of these were finally compromised is yet to be known.
- Some notable clients of FBCS that were definitely hit include CF Medical and Truist Bank.
CF Medical addressed the news and said that more than 620,000 of its customers have been affected. Along with basic personal information, the customers' health information and insurance details were also leaked.
Truist Bank also made a statement. With more than 10 million customers, it is one of the largest banks in the USA. It hasn't yet revealed exactly how many users were affected. Stolen data includes basic personal information plus account numbers and social security numbers.
The Growing Menace of Ransomware AttacksRansomware attacks these days are growing at an unprecedented rate. No company, big or small, is safe.
For instance, in June this year, a lot of London hospitals were crippled by a ransomware attack. A Russian group called Quilin" claimed responsibility for the attack.
The group attacked Synnovis, a pathology service provider that offers services to a lot of hospitals in London. As a result, many hospitals connected to this organization were struggling to offer even basic pathology services.
Affected hospitals include Guy's and St Thomas', Evelina London Children's Hospital, King's College Hospital NHS Foundation Trusts, and a few others.
In 2023 alone, payments in Ransomware attacks crossed $1.1 billion whereas in 2022, it was $567 million.
Countries around the world have realized the growing threat of ransomware. Hence, the UK and 38 other countries have joined hands to fight against it at the US 2024 Counter Ransomware Initiative (CRI) summit. A new set of guidelines encourages victims to not pay ransom to threat actors as it motivates them to conduct more such campaigns.
Instead, it recommends having a contingency plan in place to recover in case such an attack happens. How effective this guideline will be is yet to be seen.
The post More Than 230,000 Comcast Customer's Data Leaked In a Ransomware Attack appeared first on The Tech Report.