Massive data breach exposes over 3 million Americans’ personal information to cybercriminals

Massive data breach exposes over 3 million Americans’ personal information to cybercriminals

The FBCS data breach has put sensitive data in the hands of crooks

by Kurt Knutsson

A debt collection enterprise called Financial Business and Consumer Solutions (FBCS) has been impacted by a massive data breach that affects millions of Americans. FBCS is a debt collection agency that specializes in recovering charged-off consumer and commercial debts, such as car loans, healthcare bills, utility bills, student loans, and credit cards.

The initial tally of those affected was around 1.9 million, which the company raised to 3 million in June 2024. The data breach leaked a treasure trove of consumer data, including full name, Social Security Number (SSN), date of birth, and driver’s license number or ID card. The company has informed affected individuals as well as concerned authorities.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

A person holding coffee cup in hand with FBCS logo in the background.

Credit: FBCS 

What happened?

According to a data breach notification sample the firm shared with the authorities, threat actors accessed FBCS’ systems on Valentine’s Day, but the company didn’t realize the breach had occurred until February 26. FBCS describes the incident as “unauthorized access to certain systems in its network.”

What’s concerning is that FBCS didn’t send the notification of the data breach until late April. “This notification was not delayed as a result of a law enforcement investigation,” the company says, maintaining it was conducting its own probe while notifying federal authorities.

The notification indicates that leaked information could include a variety of personal details, such as names, addresses, dates of birth, Social Security numbers, driver’s licenses, state IDs, medical claim information, and even medical records. However, FBCS clarifies that not everyone affected will have all of this data exposed.

A person typing on a MacBook.

Credit: FBCS

 

PHARMA GIANT’S DATA BREACH EXPOSES PATIENTS’ SENSITIVE INFORMATION  

 

What is FBCS doing about the data breach?

FBCS is taking several steps to make things right. “Upon discovering this incident, we immediately took steps to conduct a diligent investigation to confirm the nature and scope of the incident. As part of FBCS’s ongoing commitment to the security of information on our platform, we also implemented additional safeguards in a newly built environment,” the company said in the notification.

The company is also providing affected individuals a free 24-month credit monitoring and identity restoration service. This data breach may make you more susceptible to phishing, identity theft, and other social engineering attacks. To protect yourself, be careful about what information you share and closely monitor your bank account activity for any suspicious transactions.

We reached out to FBCS for a comment on this article but did not hear back by our deadline.

A person typing on a MacBook.

MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS  

 

7 measures to take to protect yourself from a data breach

If you’ve been impacted by this data breach, follow these steps to protect your personal data and privacy.

1) Invest in identity theft protection: If you think your personal data has been leaked, scammers may try to impersonate you to gain access to your private information. The best thing you can do to protect yourself from this type of fraud is to subscribe to an identity theft service. If you’re eligible, take the free CyEx subscription FBCS is offering.

Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

My top recommendation is Identity Guard. One of the best parts of using Identity Guard is that they might include identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team where a US-based case manager helps you recover any losses.

CyberGuy’s Exclusive Offer: Get the Identity Guard Ultra protection to protect your identity and credit through tax season and beyond for as little as $9.99/mo (lowest offered anywhere) for the first year. 

See my tips and best picks on how to protect yourself from identity theft.

Best identity theft protection services 2024

 

2) Place a fraud alert: If you suspect you are a victim, contact the three major credit reporting agencies (Equifax, Experian, or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.

 

3) Be cautious of phishing attempts: Be vigilant about emails, phone calls, or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.

The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams.

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Best Antivirus Protection 2024

 

4) Check Social Security benefits: It is crucial to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

 

5) Invest in personal data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. 

A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.

Special for CyberGuy Readers (60% off):  Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $6.49/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 175+ data brokers.  I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.

Get Incogni here

 

6) Change your password: You can render a stolen password useless to thieves simply by changing it. Opt for a strong password—one you don’t use elsewhere. Even better, consider letting a password manager generate one for you.

 

7) Freeze your credit: Contact each of the three major credit bureaus—Equifax, Experian, and TransUnion—to freeze your credit. This prevents credit, loans, and services from being opened in your name without your consent. It’s a powerful step in protecting your credit from unauthorized access and can be lifted anytime you need to apply for credit.

Remember, freezing your credit does not affect your credit score, and it’s free to do. It’s also reversible, so you can unfreeze your credit if you need to apply for new credit lines. Be sure to keep the PIN or password you’ll create during the freezing process in a safe place, as you’ll need it to lift the freeze. Consider using a password manager to generate and store complex passwords.

 

TICKETMASTER DATA BREACH EXPOSES 560 MILLION CUSTOMERS’ DATA SAYS IT GROUP  

 

Kurt’s key takeaway

Data breaches and cyberattacks in the US are on the rise. Companies are responsible for protecting customer data, and the least they can do is inform impacted individuals promptly when a cyberattack occurs. FBCS delayed the notification, which might have given attackers time to target unprepared individuals. If you think your data has been compromised, it’s best to take a proactive approach. Start by changing your passwords and monitoring your bank accounts for unknown transactions.

Do you trust companies to safeguard your personal data? Why or why not? Let us know in the comments below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

 

 


   

1 comment

Diana June 25, 2024 - 7:42 am

It is getting and going to get worse where you can trust NO ONE! This world will get worse and worse. You may laugh at that but just give it time.

Reply

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder