TL;DR
- Comcast has confirmed that a data breach at a third-party debt collection company exposed the personal information of over 237,000 customers, including social security numbers, names, addresses, and birth dates.
- The breach occurred in February, but Comcast was only informed of it in July. The compromised data dates back to around 2021.
- This incident follows a previous breach that affected 35 million Xfinity customers, highlighting ongoing vulnerabilities in Comcast’s data protection measures.
Comcast has confirmed that a massive third-party data breach has exposed the personal information of over 230,000 customers. The leaked data includes social security numbers, names, addresses, and birth dates of the affected customers.
In a filing with the state of Maine (via Bleeping Computer), Comcast notes that the total number of customers hit by the data breach is 237,703. The information was actually hacked from Financial Business and Consumer Solutions (FBCS), a debt collection company used by Comcast. The ransomware attack took place in February, and FBCS informed Comcast of the breach in July.
In its latest filing, Comcast notes that the breached data includes information from around 2021. The company has since stopped using the services of FBCS.
It seems Comcast is repeatedly failing to protect its customer data from falling into the wrong hands. While this latest data breach cannot be directly attributed to a fault in Comcast’s systems, last year, the company disclosed an even bigger data breach affecting 35 million Xfinity customers. That previous breach occurred due to a security vulnerability, which hackers were able to exploit to steal customer data.