Comcast Email :
The largest American multinational telecommunications and media conglomerate is Comcast Corporation, also simply known as Comcast, with its headquarters located in Philadelphia. Previously, it was known as American Cable Systems and Comcast Holdings, stylized in all caps as COMCAST.
The company is the biggest pay-TV, cable TV, and home Internet service provider in the United States, and it ranks second in the world’s revenue rankings for broadcasting and cable television (behind AT&T). In addition, Comcast is the third-biggest provider of home phone service in the country. It serves residential and business clients in forty states as well as the District of Columbia in the United States. Comcast is a theme park operator in addition to being a prolific producer of feature films for theatrical release and television programming. It has owned NBCUniversal, an international media company, since 2011.
Comcast is the owner and operator of the commercial services company Comcast Business, the residential cable communications business segment and division Xfinity, and the Verizon mobile virtual network operator Xfinity Mobile. Through NBCUniversal, it also owns and operates several over-the-air national broadcast network channels such as NBC, Telemundo, TeleXitos, and Cozi TV, streaming service Peacock; animation studios DreamWorks Animation, Universal Animation Studios; and Universal Destinations & Experiences, etc. Additionally, it owns sizable stakes in digital distribution, including the Platform, which it bought in 2006, and the ad-tech startup FreeWheel, which it bought in 2014. It has additionally served as Sky Group’s parent company since October 2018.
About Comcast Security Breach:
Comcast found on November 16, 2023, that threat factors had gained access to its internal systems and were able to obtain 35.8 million people’s Xfinity customer information.
“We enquired about the incident’s nature and extent and notified federal law enforcement,” Comcast stated on November 16, 2023, that it was concluded that information was probably obtained.
Comcast announced on December 6, 2023, that hashed passwords and usernames associated with consumer accounts were exposed due to a data breach. For certain customers, it also revealed their dates of birth, names, contact details, social security numbers, and/or secret questions and answers.
Customers of Xfinity are being notified by Comcast of a purported “data security incident” that led to the theft of customer data, including contact details, partial social security numbers, usernames, and passwords. Xfinity said in a notice on Monday that from October 16 to October 19, 2023, “unauthorized access” was made to its systems.
This breach notice was published in the state of Maine, and BleepingComputer linked to it. It indicates that 35,879,455 people in total—more than 50,000 of whom are in Maine—were impacted by the breach.
Xfinity links the hack to a security flaw that cloud computing startup Citrix revealed on October 10. Citrix started notifying clients about the software flaw that Xfinity and other businesses use. Xfinity later discovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability,” despite the company’s current claims that it has fixed the security flaw.
According to the BleepingComputer report, Citrix advised customers to patch the vulnerability as soon as possible on October 10th, almost two weeks earlier, even though there had not been any active exploitation of the flaw.
But by October 18th, Mandiant’s security researchers had reported that it was being exploited “actively,” and on October 23rd, a blog post from Citrix stated that it was aware of deliberate attacks. Xfinity’s notice states that the hack led to the theft of hashed passwords and usernames belonging to customers. In the interim, “some customers” might have had their dates of birth, names, contact details, social security numbers, and/or private questions and answers revealed. Federal law enforcement has been informed about the incident by Xfinity, and the company states that “data analysis is continuing.”
What did the company do for the customers after the breach?
Xfinity’s notice states that the hack led to the theft of hashed passwords and usernames belonging to customers. In the interim, “some customers” might have had their dates of birth, names, contact details, social security numbers, and/or private questions and answers revealed. Federal law enforcement has been informed about the incident by Xfinity, and the company states that “data analysis is continuing.”
Comcast states that all Xfinity customers, including those whose accounts may not have been compromised, need to change their usernames and passwords. Additionally, Xfinity encourages customers to secure their accounts by using two-factor authentication.
“While Xfinity suggests customers not to re-use passwords across different accounts, the company suggests consumers change usernames and passwords for additional accounts for which they use the same username and password or security question,” Comcast said in a statement and urged customers to change their passwords.
Based on Comcast’s most recent earnings report, the company has over 32 million broadband customers, which implies that all Xfinity customers were probably impacted by the breach.
Following the cyberattack, some Xfinity customers continued to voice their dissatisfaction on Wednesday. In a message to the company’s customer support team on social media, one poster wrote: “I signed in, changed password. I try to sign out by tapping my profile icon. Although it indicates that I’m signed out, the webpage still displays my account information. Beyond just password leaks, you have other problems.”
To maintain security, Xfinity will also prompt users to reset their passwords when they access their accounts for the first time and advise them to enable two-factor authentication. When consumers log into their accounts for the first time, Xfinity will prompt them to update their passwords. It is also recommended that users enable two-factor authentication.
Joel Shadle from Xfinity sent a statement to The Verge via email, saying, “We don’t know if any customer data is leaked or not so far, nor of any attacks on our customers.” “We have our cybersecurity team monitoring around the clock because we take the responsibility to protect our customers very seriously.”
Xfinity’s toll-free number for customers with inquiries is (888) 799-2560. 24 hours a day Monday through Friday from 9 a.m. to 9 p.m. Eastern time. Visit Xfinity’s website at xfinity.com/dataincident for more details. The complete notice is available on the Xfinity website, along with the incident response team’s contact details.
