Comcast, alongside several other big corporations, has recently suffered a devastating data breach. According to reports, it’s possible that hackers got their hands on the data of up to 36 million Comcast Xfinity customers, meaning the company’s cable television and internet department. Although the company is pretty tight-lipped about it, the data breach occurred over two months ago. Here’s what we know and what you should do to protect yourself.
The hackers were able to access those masses of customer information through a vulnerability known as “CitrixBleed.” It’s found in Citrix networking devices that Comcast and other huge corporations use. The exploit was initially discovered in August and appears to have been used in cyberattacks on not just Comcast but also many other companies, including Boeing.
Since the vulnerability was first spotted in August, it took until early October for Citrix to release a patch. However, it appears that not every company was able to get the critical updates in time, including Comcast. The telecom giant admitted that the CitrixBleed vulnerability allowed hackers to access its systems, which means customer data, between October 16 and 19. It took another week for Comcast to detect this attack.
The timeline stretches all the way until this month. On November 16, Xfinity confirmed that “information was likely acquired,” but it didn’t specify what type of information. This month, Comcast revealed that customer data was stolen, including usernames and hashed passwords, and this appears to affect most — if not all — of the 36 million accounts, which translates to just about all the customers Xfinity has.
The good news is that the hashed passwords are supposed to be hard to crack, but depending on the algorithm used to protect them, it’s not impossible for the hackers to get around those defenses.
The worst part of it all is that Comcast admits that the hackers may have gotten their hands on much more sensitive data for an “unspecified number of customers,” says TechCrunch. This data includes names, dates of birth, contact information, secret questions and answers, and even the last four digits of Social Security numbers. Unfortunately, Comcast doesn’t specify how many customers are affected by this — far more severe — data breach.
It’s unclear whether the hackers are asking for ransom right now, although Comcast told TechCrunch that it’s not aware of the data being leaked anywhere or used for malicious purposes. It’s possible that the hackers may attempt to sell the data on the dark web or request ransom from Comcast.
What can you do as a Comcast customer? Your best bet is to change your password, and if you’ve been using that same password elsewhere, make sure to change it across the board (and use different passwords for every service going forward). Using two-factor authentication is also a good way to protect yourself at a time when cyberattacks and massive data breaches are such a common occurrence, with companies like Western Digital, Microsoft, and 1Password all being affected this year.
