"500k Impacted by Data Breach at Debt Buyer NCB"

National accounts receivable management company and debt buyer NCB Management Services has recently started informing roughly 500,000 individuals that their personal information was compromised in a data breach.  The company stated that an unauthorized party compromised some of its systems on February 1 and "gained access to Bank of America credit card accounts information."  The incident was discovered on February 4, and the data theft was confirmed on March 8.  Exposed personal information, the company says, includes names, addresses, phone numbers, email addresses, birth dates, driver's license numbers, Social Security numbers, and employment positions.  Financial information such as pay amounts, credit card numbers, routing numbers, account numbers and balances, and/or account statuses were also stolen.  According to the company, the impacted credit card accounts had already been closed when the cyberattack occurred.  The incident did not involve the compromise of Bank of America systems.  The company also says it is unaware of the potentially accessed information being distributed or used maliciously.  NCB did not share information on the type of cyberattack it suffered, but its description of the incident suggests that it engaged in communication with the attackers, which implies that a ransom demand might have been made.
 

SecurityWeek reports: "500k Impacted by Data Breach at Debt Buyer NCB"