
Millions of Comcast Xfinity subscribers’ personal data stolen in cyberattack

In October, attackers exploited the Citrix Bleed vulnerability, likely stealing personal information from millions of Comcast Xfinity subscribers. The compromised data may include usernames, hashed passwords, contact details, and confidential security question answers. Comcast, the internet, voice, and cable TV provider, disclosed the incident this week, revealing that it had promptly addressed the critical information disclosure bug within its system during a routine cybersecurity exercise on October 25th.

Despite the swift mitigation, suspicious activity was detected during the exercise, leading to the discovery of unauthorized access to internal systems between October 16 and October 19, 2023, linked to the Citrix vulnerability. In a privacy breach notification to the Maine Attorney General’s office, Comcast disclosed that 35.9 million individuals were affected by the breach. Comcast spokesperson Joel Shadle clarified that the term “user IDs” is a more accurate representation of that figure, as one customer might have multiple user IDs for various purposes.

The breach prompted Xfinity to notify federal authorities, and by November 16th, it was determined that information had likely been acquired. As of December 6, potentially stolen customer data encompasses usernames and hashed passwords. For some customers, additional information such as names, contact details, the last four digits of Social Security numbers, dates of birth, and secret questions and answers may have been compromised.

In response to the breach, Xfinity is requiring subscribers to reset their passwords and strongly recommending that they enable two-factor or multi-factor authentication. Users should also avoid reusing passwords across multiple accounts.

Kerry Dean

Kerry is a Content Creator at www.systemtek.co.uk. She has spent many years working in IT support, and her main interests are computing, networking and AI.
