Spear Phishing and Comcast’s Data Breach

In the same week that Microsoft disrupted Russian spear phishing operations, telecom giant Comcast has had to notify around 238,000 current and former customers that ransomware has compromised their personal data at the debt agency Financial Business and Consumer Solutions (FBCS).  How many steps forward versus back is that, I wonder?

Starting with the former, Microsoft worked with the US Justice Department to seize more than 100 domains from Russian hacking group Star Blizzard.  This cabal, allegedly under the auspices of Russia’s Federal Security Service (FSB), is responsible for spear phishing attacks against US government employees and nonprofits.  For the past two years, Microsoft has seen Star Blizzard target over 30 civil society organizations to exfiltrate sensitive data.  With US elections nearing, Microsoft asserts a political angle to these activities as well.

While the cyber criminals will no doubt work to establish replacement infrastructure, Microsoft claims this domain takedown will be a critical disruption to operations for the present time.

Comcast, meanwhile, is following up on a data breach announcement from April by reaching out to a number of affected customers.  Initially it was discovered that the hackers had access to the FBCS network and could view and steal sensitive data, including Social Security numbers and account information.  The debt agency would soon list over 4 million individuals total who were affected by the breach.  According to Comcast, “this security incident occurred entirely at FBCS and not at Xfinity or on Comcast systems. FBCS notified Comcast that due to its current financial status, it would no longer be able to provide notices or credit monitoring protection to individuals impacted by the incident.”  Instead, the telecoms provider itself is offering a free year of credit monitoring and identity protection services.

Of course, said individuals may already be utilizing such a service, as it seems many are since the National Public Data (NPD) breach, if they weren’t already before.  This is the natural outcome of people who are increasingly and inescapably forced to confront the current data security reality.  No organization that handles personal information is safe, and strong cyber defenses like NetLib Security’s Encryptionizer are vital to data protection efforts.  When perimeter defenses fail, when bad actors break through to their target, the only chance left is that a strong layer of encryption makes the data useless to them.

Request a free evaluation here to see Encryptionizer in action and keep your customers from needing free identity protection services.