Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US.
FBCS is a US debt collection agency that collects unpaid debts from consumer credit, healthcare, commercial, auto loans and leases, student loans, and utilities.
In late April, the firm reported that roughly 1.9 million people in the U.S. had sensitive personal information compromised in a data breach on February 14, 2024.
In May, the company upped the number by an additional 1.3 million to 3.2 million people.
In a new supplemental notice with the Office of the Maine Attorney General, the company has once again increased the number, stating that the data breach now impacts 4,253,394 people.
The exposed data varies per individual but can include the following information:
- Full name
- Social Security Number (SSN)
- Date of birth
- Account information
- Driver’s license number or ID card
New data breach notifications have been sent out to these additional people, starting on July 23, warning of the increased phishing and fraud risks.
Recipients of the notification will also receive instructions on enrolling in a free 24-month credit monitoring and identity restoration service via CyEx.
It is not known what type of attack led to the data breach, and no ransomware gangs have claimed responsibility, with the company simply stating that they detected unauthorized access to their internal network.
“On February 26, 2024, FBCS discovered unauthorized access to certain systems in its network. This incident did not impact computer systems outside of FBCS’s network,” reads the data breach notification.
Those who are impacted by the data breach should be on the lookout for targeted phishing attacks attempting to steal additional information, such as credentials.
It also advised to monitor credit reports for fraudulent activities and loans, as the exposed information can be used for identity theft.