Almost 500K impacted in NCB Management Services cyberattack

Pennsylvania-based debt purchasing firm NCB Management Services has disclosed being impacted by a cyberattack last month, compromising sensitive financial data from 494,969 individuals, reports The Record, a news site by cybersecurity firm Recorded Future. Threat actors were able to infiltrate NCB's systems on Feb. 1, enabling access to confidential client account data, including names, birthdates, phone numbers, addresses, email addresses, employment details, Social Security numbers, driver's license numbers, credit card numbers, account balances and statuses, and routing numbers, noted NCB in documents filed with the Maine Attorney General's Office. "It was confirmed on March 8 that some of your client information previously connected with your Bank of America credit card account was potentially obtained by the unauthorized party," NCB said. NCB also reassured that attackers no longer have access to the information within its systems, suggesting that the firm may have paid a ransom. Moreover, all affected credit card accounts have already been shut down.