Analysis Summary

Comcast Cable Communications and Truist Bank customers are being notified that their data has been exposed following their disclosure that they were affected by a data breach at FBCS.

The case relates to a data breach at Financial Business and Consumer Solutions (FBCS), a debt collection firm in the United States that collaborates with different businesses to obtain overdue payments. The following information was stolen from FBCS's electronic records by threat actors who broke into its network between February 14 and February 26, 2024, according to a data breach notification the company sent out in April of this year:

• Full Name
• SSN or Social Security Number
• Birthdate
• Account Details
• ID Card or Driver's License Number

After more research, the number of persons affected by the data breach was estimated to have been 1.9 million at first, but it was later increased to 3.2 million in June and 4.2 million in July. Comcast and Truist were among the other organizations notified by FBCS that they had been affected, indicating that the internal investigation into the matter looks to still be ongoing.

Furthermore, it is now disclosed that entities indirectly affected by the incident would be responsible for handling the notification and remediation procedures themselves due to FBCS's deteriorating financial situation, which is most likely a direct consequence of the breach.

Comcast says that in March, FBCS gave them assurances that no customer data was affected by the security breach. But on July 17, FBCS informed Comcast that their customer information was also affected. A report to the Maine authorities states that the incident affected 273,703 Comcast customers. During FBCS's investigation, it was found that the unauthorized person had downloaded files containing name, address, date of birth, Social Security number, Comcast account number, and ID numbers that were utilized internally within FBCS.

According to FBCS, there is no proof that any personal data that was stolen during this event has been utilized improperly since. Free identity theft protection services for a year were sent to anyone who was affected, along with activation instructions.

In related news, one of the biggest banks in the US, Truist Bank, notified its clients about a data breach connected to the FBCS event. The letters were distributed in the middle of September, but the Californian authorities have since received a sample. According to FBCS, each person's specific information may have been affected, and this information may include the consumer's name, address, account number, birth date, and Social Security number.

With more than 2,700 locations operating in 15 states, Truist has 40,000 employees. Because of this, the precise number of affected individuals is unknown, but it may be substantial. A further breach was purportedly discovered in October 2023 by Truist Bank in June of last year, following a threat actor's disclosure of stolen data on a data leak site.

Impact

• Financial Loss
• Exposure of Sensitive Data
• Identity Theft

Remediation

• Use strong, unique passwords for sensitive accounts. Regularly change passwords for all accounts.
• Implement multi-factor authentication (MFA) on all accounts to add an extra layer of security to login processes.
• Organizations need to stay vigilant and follow best practices for cybersecurity to protect their systems and data from potential threats. This includes regularly updating software and implementing strong access controls and monitoring tools.
• Develop a comprehensive incident response plan to respond effectively in case of a security breach or data leakage.
• Maintain regular backups of critical data and systems to ensure data recovery in case of a security incident.
• Adhere to security best practices, including the principle of least privilege, and ensure that users and applications have only the necessary permissions.
• Establish a robust patch management process to ensure that security patches are evaluated, tested, and applied promptly.
• Conduct security audits and assessments to evaluate the overall security posture of your systems and networks.
• Implement network segmentation to contain and isolate potential threats to limit their impact on critical systems.
• Never trust or open links and attachments received from unknown sources/senders.
• Improve communication with customers by providing timely and transparent updates about data breaches, including what information was compromised and the steps being taken to mitigate the impact.
• Ensure that all vendors and third-party partners adhere to stringent security protocols and regularly assess their cybersecurity practices to minimize the risk of data breaches originating from external sources.
• Provide affected customers with comprehensive support, including credit monitoring services, identity theft detection, and resolution assistance, to help mitigate the potential consequences of the breach.