Comcast hack may affect over 35 million users

Boyd

Boyd

Administrator
Staff member
Site Administrator
Jul 31, 2004
9,824
3,004
Ben's Branch, Stephen Creek
This sounds like bad news....

"Xfinity says it's informing customers of the incident via its website, email and by other means. It's urging them to change their passwords, to make sure they don't use the same passwords on different accounts and to enable two-factor or multi-factor authentication. Xfinity also suggested that folks who use the same login credentials on other accounts change their passwords on those."

www.engadget.com

Xfinity breach may have affected as many as 35.8 million customers

Xfinity says it suffered a data breach in October with attackers likely obtaining usernames, hashed passwords and potentially other sensitive information.
www.engadget.com www.engadget.com
 
  • Wow
Reactions: RednekF350
bobpbx

bobpbx

Piney
Staff member
Oct 25, 2002
14,658
4,834
Pines; Bamber area
Reading the website, that happened in October. They are bums, you know? I think hackers should go to the same prison where murderers are.

What Happened? On October 10, 2023, one of Xfinity’s software providers, Citrix, announced a vulnerability in one of its products used by Xfinity and thousands of other companies worldwide. At the time Citrix made this announcement, it released a patch to fix the vulnerability. Citrix issued additional mitigation guidance on October 23, 2023. We promptly patched and mitigated our systems. However, we subsequently discovered that prior to mitigation, between October 16 and October 19, 2023, there was unauthorized access to some of our internal systems that we concluded was a result of this vulnerability. We notified federal law enforcement and conducted an investigation into the nature and scope of the incident. On November 16, 2023, it was determined that information was likely acquired. What Information Was Involved? On December 6, 2023, we concluded that the information included usernames and hashed passwords. For some customers, other information was also included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers. However, our data analysis is continuing, and we will provide additional notices
 
  • Like
Reactions: Boyd
Boyd

Boyd

Administrator
Staff member
Site Administrator
Jul 31, 2004
9,824
3,004
Ben's Branch, Stephen Creek
A big problem with this sort of thing is that lots of people use the same names and passwords on multiple sites. So, it's possible that this can cause a lot of collateral damage across the web and even affect users on sites like NJPB. :argh:

bobpbx said:
Reading the website, that happened in October. They are bums, you know?
Click to expand...

This might help, although it's really intended to protect investors and not the rest of us...

apnews.com

New SEC rule requires public companies to disclose cybersecurity breaches in 4 days

The Securities and Exchange Commission has adopted rules to require public companies to disclose within four days all cybersecurity breaches that could affect their bottom lines.
apnews.com apnews.com
 
RednekF350

RednekF350

Piney
Feb 20, 2004
5,054
3,327
Pestletown, N.J.
I was asked to change my Comcast password about two weeks ago and my wife was notified last week. I doubted the veracity of the initial email notice when I first received it but eventually convinced myself it was legitimate. So far so good. :(
 
  • Like
Reactions: ecampbell and Boyd
bobpbx

bobpbx

Piney
Staff member
Oct 25, 2002
14,658
4,834
Pines; Bamber area
I was told last week by RW Barnabus healthcare they were compromised too and so were some of my health records. They gave me identity theft insurance for a year from Experian. I signed up Saturday.

I still have a password book hidden in the house. I don't even trust password apps.
 
  • Like
Reactions: Teegate, slingblade and Boyd
You must log in or register to reply here.
Top