Data breach at Comcast Xfinity impacts more than 35 million individuals

Comcast’s Xfinity customers are being notified of a data security incident that occurred from October 16 to October 19, 2023, resulting in the theft of customer information, including usernames, passwords, contact information, partial social security numbers, and more. The breach affected a total of 35,879,455 people, including over 50,000 in Maine. Xfinity attributes the breach to a security vulnerability in software disclosed by Citrix, which prompted Xfinity to patch the security hole. However, suspicious activity was later discovered on internal systems, leading to the unauthorized access.

Citrix had alerted customers to the vulnerability, known as “Citrix Bleed,” on October 10, urging immediate patching, but had not noted active exploitation. Security researchers at Mandiant later confirmed active exploitation, leading to the theft of customer information such as usernames and hashed passwords. Additionally, some customers may have had their names, contact information, the last four digits of their social security numbers, dates of birth, and secret questions and answers exposed.

Xfinity has notified federal authorities about the incident and is continuing data analysis. Customers will be prompted to change their passwords next time they log in and are encouraged to enable two-factor authentication. Xfinity spokesperson Joel Shadle reassured customers that there have been no leaks of customer data or attacks on customers, emphasizing their commitment to cybersecurity. The full notice and contact information for the incident response team can be found on the Xfinity website.

Update: Comcast is an investor in Vox Media, the parent company of The Edge. The statement from Xfinity regarding the incident has been added, as well as the number of people affected by the breach and details about the Citrix Bleed vulnerability.

Article Source
https://www.theverge.com/2023/12/18/24007082/xfinity-data-breach-hack-notice-citrix