Ethical Hacking News
Comcast has been ordered to pay $1.5 million in fines after a data breach affecting nearly 275,000 customers was discovered. The breach occurred when attackers hacked into the systems of FBCS, a debt collector that Comcast had stopped using two years earlier. The incident highlights the need for companies to properly oversee their vendors and ensure the secure disposal of customer information.
Comcast has been fined $1.5 million for its role in a data breach that affected nearly 275,000 customers. The breach occurred when attackers hacked into the systems of Financial Business and Consumer Solutions (FBCS), a debt collector that Comcast had stopped using two years earlier. Comcast received services from FBCS despite knowing it was no longer used, until the breach was discovered in August 2024. The FCC found that Comcast failed to properly oversee its vendors and ensure the secure disposal of customer information. Comcast has agreed to implement a compliance plan, including regular reporting and risk assessments, to prevent similar breaches in the future.
Comcast, one of the largest telecommunications companies in the world, has been ordered to pay a fine of $1.5 million for its role in a data breach that affected nearly 275,000 customers. The breach occurred when attackers hacked into the systems of Financial Business and Consumer Solutions (FBCS), a debt collector that Comcast had stopped using two years earlier.
The breach was initially believed to have affected 1.9 million people in total, but the tally was later raised to 3.2 million in June and finally to 4.2 million in July. The attackers stole personal and financial information from the affected customers, including their names, addresses, Social Security numbers, dates of birth, and Comcast account numbers.
Comcast had stopped using FBCS two years earlier, but it continued to receive services from the company until the breach was discovered. In August 2024, FBCS notified Comcast that customer data had been compromised, affecting 273,703 customers. However, it was not until July 15, five months later, that FBCS actually revealed the extent of the breach.
The Federal Communications Commission (FCC) investigated the breach and found that Comcast had failed to properly oversee its vendors and ensure the secure disposal of customer information. As a result, Comcast has agreed to implement a compliance plan that includes enhanced vendor oversight, risk assessments every two years, and regular reporting to the FCC.
Comcast has also been ordered to appoint a compliance officer, conduct risk assessments of vendors handling customer data every two years, file compliance reports with the FCC every six months for the next three years, and report any material violations within 30 days of discovery. The company maintains that it was not responsible for and did not concede any wrongdoing in connection with the incident.
FBCS filed for bankruptcy before revealing a data breach in August 2024. The debt collector had assured Comcast in March that the breach did not affect any of its customers. However, the attackers stole personal and financial information between February 14 and February 26, affecting the names, addresses, Social Security numbers, dates of birth, and Comcast account numbers of affected current and former customers.
Affected customers had used Comcast's Xfinity-branded internet, television, streaming, VoIP, and home security services. The breach was a serious incident that highlights the need for companies to properly oversee their vendors and ensure the secure disposal of customer information.
The consequences of data breaches like this one can be severe. In addition to the financial costs, data breaches can also result in reputational damage and loss of customer trust. Companies must take proactive steps to prevent data breaches and protect their customers' sensitive information.
In conclusion, Comcast's fine for its role in a data breach affecting nearly 275,000 customers is a significant consequence of the company's failure to properly oversee its vendors and ensure the secure disposal of customer information. The incident highlights the need for companies to prioritize security and compliance when it comes to protecting their customers' sensitive information.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Consequences-of-a-Data-Breach-Comcast-to-Pay-15-Million-Fine-for-Vendor-Breach-Affecting-270K-Customers-ehn.shtml
https://www.bleepingcomputer.com/news/security/comcast-to-pay-15-million-fine-after-a-vendor-data-breach-affecting-270-000-customers/
Published: Wed Nov 26 12:41:47 2025 by llama3.2 3B Q4_K_M
