Millions more victims exposed in debt collection agency data breach

Data leak
(Image credit: Shutterstock)

The recent data breach at debt collection agency Financial Business and Consumer Solutions (FBCS) was a lot bigger than initially thought, the company has revealed.

After first reporting some 1.9 million victims were affected in the incident, the company now says the actual number may be more than 4.2 million.

In late April 2024, it was reported that FBCS suffered a cyberattack two months prior, with the company noting in a breach notification letter sent to affected customers an unnamed threat actor dwelled in its IT systems for two weeks, harvesting people’s full names, social security numbers (SSN), birth dates, account information, driver’s license numbers, and ID card numbers.

Using the stolen files

Now, however, the company has issued a new supplemental notice with the Office of the Maine Attorney General increasing the number of affected people to 4,253,394 individuals. 

The company started notifying the additional people, warning them of potential risks of phishing, identity theft, and online fraud. Furthermore, FBCS is offering two years of free credit and identity theft monitoring via CyEx. The same type of information was stolen on all individuals.

It is still unknown who pulled off the heist, since no hacking collectives assumed responsibility for the attack, nor did anyone find the database leaking anywhere on the dark web. Usually, threat actors would reach out to victim organizations and try to extort money, in exchange for deleting the archives. 

If that fails, they would turn to the dark web, in an attempt to sell the archive to the highest bidder. Actively used email addresses, as well as personally identifiable information (PII), is valuable data that can be used in phishing, or even ransomware attacks. 

Ultimately, if no other options bear fruit, the hackers can always leak it online to improve their credibility in the cybercriminal community.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Lock on Laptop Screen
United Healthcare data breach may have affected 190 million Americans
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
Insurance
Globe Life data breach may have affected 850,000 more patients than previously thought
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
Latest in Security
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Latest in News
A business woman looking at AI on a transparent screen
Most businesses are now fully embracing AI - but aren't always protected against the risks
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
All three rumored Samsung Galaxy S25 Edge colors shown off in ‘official’ images
Cristiano Ronaldo promotional image for Fatal Fury: City of the Wolves
Yes, Cristiano Ronaldo is a playable character in Fatal Fury: City of the Wolves, and it makes more sense than you think
Buzz Lightyear Space Ranger Spin Rennovations
Disney’s giving a classic Buzz Lightyear ride a tech overhaul – here's everything you need to know
Hisense U8 series TV on wall in living room
Hisense announces 2025 mini-LED TV lineup, with screen sizes up to 100 inches – and a surprising smart TV switch
Nintendo Music teaser art
Nintendo Music expands its library with songs from Kirby and the Forgotten Land and Tetris