Comcast discloses data breach from July impacting ~238k customers

Comcast (NASDAQ:CMCSA) said it found out that a hacker obtained private information of nearly 238,000 customers in a data breach incident that occurred in July this year.

The U.S. cable company disclosed the breach in a filing with the Maine attorney general’s office on Oct. 3, which was first reported by tech news website Bleeping Computer.

The cyber incident was first discovered in February when an unauthorized actor accessed systems operated by Financial Business and Consumer Solutions (FBCS), Comcast’s third-party service provider.

FBCS in March notified Comcast that it had experienced a data breach incident but said Comcast’s consumer data was not impacted. Months later, in July, FBCS’s investigations showed that the company’s data was in fact impacted. FBCS also notified the FBI of the attack.

Comcast said in its disclosures to the Maine AG and customers that the breach “occurred entirely at FBCS and not at Xfinity or on Comcast systems.”

FBCS found that files that were accessed in the cyber attack included customers’ name, address, Social Security number, date of birth, and Comcast account number and ID numbers used internally at FBCS, as per Comcast’s notice to customers.