ARTICLE AD
Some 237,703 Comcast subscribers had their personal information hacked in a breach the company said was discovered this summer at a former contractor.
Specifically, the hack occurred at Financial Business and Consumer Solutions, a third-party collection agency Comcast stopped using in 2020.
“We are taking initiative to support any former and present customers who have been impacted,” the giant media conglom said in a letter to subscribers.
Comcast said it was notified last March by FBCS that the latter had experienced a data breach the month before, but that Comcast consumer data was not impacted. However, the letter noted, on July 17, FBCS notified Comcast of a new finding — that Comcast data, had, in fact, been impacted by hacks when an unauthorized party gained access to FBCS’s computer network and some of its computers, compromising personal data.
FBCS notified the FBI. The breach “occurred entirely at FBCS and not at Xfinity or on Comcast systems,” Comcast said, noting that “the compromised information about you dates from around 2021.”
FBCS also told Comcast that it couldn’t afford to provide notices or credit monitoring protection to individuals impacted by the incident.
“As such,” Comcast said, “we are contacting you directly and providing support services. FBCS received your information because they previously provided Comcast with collections-related services for delinquent payments until 2020, when Comcast ceased working with FBCS. The compromised information about you dates from around 2021, as FBCS is subject to data retention requirements beyond Comcast’s working relationship with FBCS.”
The letter said that according to FBCS, unauthorized file downloads included names, addresses, Social Security numbers, date of birth, Comcast account number and ID numbers used internally at FBCS. FBCS states that it has no indication that any personal information compromised during this incident has been further misused.
Comcast is offering complimentary identity theft protection services for at least 12 months, including credit monitoring services.
“Since FBCS informed Comcast of this incident on July 17, 2024, Comcast has been working with FBCS to understand how the incident occurred and to notify affected individuals.”
It recommended customers better protect their Xfinity accounts by signing up for two-step verification, and remain alert for unusual or suspicious emails or telephone calls.
Last December, Comcast announced a major data breach at Xfinity that may have compromised the accounts of close to 36 million accounts. A vulnerability by one of its software providers, Citrix, exposed usernames and hashed passwords and, for some customers, names, contact information, the last four digits of social security numbers, dates of birth and secret questions and answers.