Massive data breach exposes over 3 million Americans' personal information to cybercriminals

A debt collection enterprise called Financial Business and Consumer Solutions (FBCS) has been impacted by a massive data breach that affects millions of Americans.

Jun 23, 2024 - 08:41
Massive data breach exposes over 3 million Americans' personal information to cybercriminals

A debt collection enterprise called Financial Business and Consumer Solutions (FBCS) has been impacted by a massive data breach that affects millions of Americans. FBCS is a debt collection agency that specializes in recovering charged-off consumer and commercial debts, such as car loans, health care bills, utility bills, student loans and credit cards.

The initial tally of those affected was around 1.9 million, which the company raised to 3 million in June 2024. The data breach leaked a treasure trove of consumer data, including full name, Social Security number (SSN), date of birth, and driver’s license number or ID card. The company has informed affected individuals as well as concerned authorities.

GET SECURITY ALERTS, EXPERT TIPS - SIGN UP FOR KURT’S NEWSLETTER - THE CYBERGUY REPORT HERE

According to a data breach notification sample the firm shared with the authorities, threat actors accessed FBCS' systems on Valentine's Day, but the company didn't realize the breach had occurred until Feb. 26. FBCS describes the incident as "unauthorized access to certain systems in its network."

What’s concerning is that FBCS didn’t send the notification of the data breach until late April. "This notification was not delayed as a result of a law enforcement investigation," the company says, maintaining it was conducting its own probe while notifying federal authorities.

The notification indicates that leaked information could include a variety of personal details, such as names, addresses, dates of birth, Social Security numbers, driver's licenses, state IDs, medical claim information, and even medical records. However, FBCS clarifies that not everyone affected will have all of this data exposed.

PHARMA GIANT'S DATA BREACH EXPOSES PATIENTS' SENSITIVE INFORMATION

FBCS is taking several steps to make things right. "Upon discovering this incident, we immediately took steps to conduct a diligent investigation to confirm the nature and scope of the incident. As part of FBCS’s ongoing commitment to the security of information on our platform, we also implemented additional safeguards in a newly built environment," the company said in the notification.

The company is also providing affected individuals a free 24-month credit monitoring and identity restoration service. This data breach may make you more susceptible to phishing, identity theft, and other social engineering attacks. To protect yourself, be careful about what information you share and closely monitor your bank account activity for any suspicious transactions.

We reached out to FBCS for a comment on this article but did not hear back by our deadline.

MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORD

If you’ve been impacted by this data breach, follow these steps to protect your personal data and privacy.

1) Invest in identity theft protection: If you think your personal data has been leaked, scammers may try to impersonate you to gain access to your private information. The best thing you can do to protect yourself from this type of fraud is to subscribe to an identity theft service. If you’re eligible, take the free CyEx subscription FBCS is offering.

Identity theft companies can monitor personal information like your Social Security number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

2) Place a fraud alert: If you suspect you are a victim, contact the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.

3) Be cautious of phishing attempts: Be vigilant about emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.

The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

4) Check Social Security benefits: It is crucial to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

5) Invest in personal data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Remove your personal data from the internet with my top picks here.

6) Change your password: You can render a stolen password useless to thieves simply by changing it. Opt for a strong password – one you don’t use elsewhere. Even better, consider letting a password manager generate one for you.

TICKETMASTER DATA BREACH EXPOSES 560 MILLION CUSTOMERS' DATA SAYS IT GROUP

Data breaches and cyberattacks in the U.S. are on the rise. Companies are responsible for protecting customer data, and the least they can do is inform impacted individuals promptly when a cyberattack occurs. FBCS delayed the notification, which might have given attackers time to target unprepared individuals. If you think your data has been compromised, it's best to take a proactive approach. Start by changing your passwords and monitoring your bank accounts for unknown transactions.

Do you trust companies to safeguard your personal data? Why or why not?  Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover

Follow Kurt on his social channels

 Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.