FBCS Breach Exposes Millions, Comcast and Truist Bank Affected

In February 2024, Financial Business and Consumer Solutions (FBCS), a U.S.-based debt collection agency, experienced a significant data breach. Cybercriminals gained access to sensitive information stored within FBCS’s systems, affecting more than 4 million individuals.

Among the organizations impacted by this FBCS breach were Comcast Cable Communications and Truist Bank, both of which have since begun notifying their customers.

The breach, which occurred between February 14 and February 26, 2024, remained unknown until FBCS detected the intrusion on February 26. However, it wasn’t until April 2024 that FBCS publicly disclosed the breach, revealing that attackers had accessed confidential consumer information.

What Happened?

The breach at FBCS took place between February 14 and February 26, 2024, during which attackers infiltrated the company’s systems and accessed sensitive customer information.

Financial Business and Consumer Solutions (FBCS) is a U.S.-based third-party debt collection agency that provides services to various companies, including financial institutions. As a service provider, FBCS manages the collection of unpaid consumer and commercial debts on behalf of its clients, handling sensitive customer data in the process.

Initial reports in April indicated that 1.9 million individuals had been affected. However, further investigation revealed the true scope of the breach, with the number of impacted individuals increasing to 4.2 million by July 2024.

The data potentially compromised in this breach varies by individual and may include names, addresses, dates of birth, Social Security numbers (SSNs), driver’s license or state ID numbers, medical claims, provider and clinical information (including diagnoses and treatments), and health insurance details, as stated by FBCS.

Such sensitive data, when exposed, increases the risk of identity theft and fraud for those affected, prompting potential threat actors to carry out phishing attacks.

SOCRadar’s Digital Risk Protection (DRP) module services like Fraud Protection, Brand Protection, and Dark Web Monitoring offer real-time detection and response to suspicious activities, helping organizations mitigate the risks of data leaks, fraud and identity theft.

Over 273,000 Comcast Customers Affected in FBCS Breach

Initially, FBCS informed Comcast in March 2024 that its customers were not affected by the data breach. However, on July 17, 2024, FBCS notified Comcast that over 273,000 of its customers had, in fact, been impacted. This information was later confirmed through a filing with the Maine Attorney General’s office, reported on October 3, 2024. Comcast issued the notification for its customers in mid-August.

Furthermore disclosed in the filing is the fact that this security incident happened only at FBCS and not at Xfinity or on Comcast systems.

The compromised data included sensitive personal information such as names, Social Security numbers (SSNs), dates of birth, and internal account identifiers used by both Comcast and FBCS systems.

Comcast Reports Ransomware Involvement

FBCS has not disclosed full details of the breach, but Comcast’s filing confirms it involved a ransomware attack, where an unauthorized party accessed FBCS’s network, downloaded data, and encrypted systems.

Despite assurances from FBCS that there was no evidence the stolen data had been further misused, Comcast took precautionary steps by offering its affected customers a year of free credit monitoring services.

Truist Bank Also Impacted by FBCS Breach, Issues Breach Notification

In September 2024, Truist Bank began notifying its customers that their sensitive information had been compromised due to the FBCS breach. This included data such as Social Security numbers (SSNs), addresses, account numbers, and dates of birth.

Following the discovery of the breach, Truist took steps to inform impacted individuals and filed an official notice with the California Attorney General in October 2024.

The bank, which was previously targeted in the Snowflake breach, is now working closely with affected customers to address any concerns regarding the latest notified breach of FBCS, providing guidance and monitoring solutions to mitigate potential risks from the breach.

Third-Party Risks Highlighted as Clients Manage Breach Aftermath

Following the breach, FBCS shifted the responsibility of notifying impacted individuals to its clients, including Comcast and Truist Bank. This shift reflects the common practice in third-party service provider relationships, where the companies using FBCS’s services are ultimately responsible for their customers’ data.

As a result, Comcast and Truist have taken proactive steps to inform their respective customers about the exposure of sensitive data, offering remedies such as credit monitoring services. Other clients of FBCS may also be impacted, and further notifications could be issued as investigations continue.

FBCS advises all potentially impacted individuals to remain vigilant by monitoring their credit reports and account statements for signs of identity theft or fraud. For more guidance, visitFBCS’s official notice.

Cyber threats increasingly target third-party providers, as seen in the FBCS breach, exposing supply chain vulnerabilities. SOCRadar’s Supply Chain Intelligence offers deep visibility into your vendors’ security, continuously monitoring for threats and suspicious activities.

You’ll receive real-time alerts on risks like data breaches and ransomware, with detailed reports on each vendor. This proactive approach helps identify weak points, allowing you to mitigate risks and strengthen your overall security posture.