Exploited Citrix Vulnerability Used to Access Data from Over 35 Million Comcast Xfinity Customers – Help Net Security




Comcast, a telecommunications company, recently confirmed a breach that compromised the personal information of over 35.8 million Xfinity customers. The breach resulted from CVE-2023-4966, also known as Citrix Bleed, an information disclosure vulnerability in Citrix NetScaler ADC/Gateway devices. Attackers had been exploiting this vulnerability since the end of August 2023, and exploitation became widespread after Citrix issued a patch on October 10.

Xfinity quickly patched and mitigated its systems following Citrix’s additional guidelines on October 23. However, unauthorized access was discovered between October 16 and 19, leading to the exposure of customer information. The stolen data included usernames, encrypted passwords, names, contact information, the last four digits of Social Security numbers, dates of birth, and secret questions and answers. Xfinity notified federal authorities and conducted an investigation, determining on November 16 that information was likely acquired during the breach.

Customers are advised to change their passwords and enable two- or multi-factor authentication to protect their accounts. Xfinity also urges customers to monitor their account statements and credit reports and to watch for any suspicious activity that could indicate fraud or identity theft.

Article Source
https://www.helpnetsecurity.com/2023/12/20/xfinity-breach/