Comcast Says Third-Party Breach Impacted More Than 230,000 Customers

The telecom giant says a portion of its customers were impacted by the breach of FBCS, a collection agency formerly used by Comcast.

Comcast Cable Communications disclosed that a portion of its customers were impacted by the breach of FBCS (Financial Business and Consumer Solutions), a collection agency formerly used by the telecom giant.

In a disclosure posted by the Maine attorney general website, Comcast said the impacted data could include a customer’s name, Social Security number, address and date of birth. The breach affects a total of 237,703 Comcast customers, according to the filing.

A Comcast spokesperson referred CRN to the filing when reached by email Monday.

Comcast said it was notified on July 17 that Comcast data had been impacted in a breach that was discovered in late February. The FBCS attack included both data theft and the deployment of ransomware encryption.

Comcast said in the filing that it had stopped using FBCS’s services in 2020 and noted that the breach “occurred entirely at FBCS and not at Xfinity or on Comcast systems.”

“FBCS notified Comcast that due to its current financial status, it would no longer able to provide notices or credit monitoring protection to individuals impacted by the incident,” Comcast said in the sample notice to customers. “As such, we are contacting you directly and providing support services.”

In its own filing with the Maine attorney general’s office, in July, FBCS disclosed that it believed a total of 4.2 million people were impacted in the breach.

The company said that its network had been accessed by attackers between Feb. 14 and Feb. 26 of this year, according to the FBCS filing. CRN has reached out to FBCS for comment.