Threat actors claim to have breached Virginia-headquartered debt collection firm Credit Control Corporation (CCC), adding that personal details of millions were exposed.
They announced the supposed data breach on a popular data leak forum, which hackers use to share their victims and trade in stolen data. The post claims that the crooks got their hands on the personal details of 9.1 million Americans.
CCC is a debt collector focused on the healthcare and telecommunications sectors. We have contacted the company for comment and will update the article once we receive a reply.
Meanwhile, the Cybernews research team has investigated a data sample that attackers attached to the post. According to the team, the sample indicates that attackers may have accessed:
- Full names
- Phone numbers
- Genders
- Ages
- Property information
- Mortgage data
- Loan types
Attackers are very fond of databases with details on millions of people, as this allows easier automation of scams that rely on phishing emails. Moreover, threat actors could utilize the dataset for targeted financial scams and identity theft.
Personal identifiers, together with financial details, create ample opportunities for tailor-made attacks. Once attackers are aware that users in the list may have financial problems, their scams could focus on fraudulent financial assistance or other services.
It’s not the first time the CCC name appears in cybersecurity media. In 2023, CCC disclosed a data breach that exposed over 300,000 US residents. At that time, the company said that certain files that were copied from the company’s systems by an unauthorized party contained personal information, such as names and Social Security numbers.
Your email address will not be published. Required fields are markedmarked