Comcast’s Xfinity cable unit faced a cybersecurity breach due to the Citrix Bleed vulnerability, affecting approximately 36 million customers. Hackers accessed customer information by exploiting the vulnerability, resulting in a data breach. The breach impacted Xfinity systems for a few days in mid-October, with hackers gaining access to customer usernames, passwords, and personal details like names, contact information, and dates of birth. Citrix had previously disclosed vulnerabilities in NetScaler ADC and NetScaler Gateway products, urging customers to install updated versions to prevent exploitation.
The vulnerabilities, identified as CVE-2023-4966 and CVE-2023-4967, were considered high severity, with the potential for information disclosure and ransomware attacks. Citrix recommended users update their devices to resolve security issues and advised upgrading to newer versions without vulnerabilities. While Citrix is commonly used for remote desktop sessions, exposure to the Internet can make it a target for cyber intrusions.
To protect against vulnerabilities like Citrix Bleed, experts suggest regularly updating software, monitoring networks for unusual activity, and implementing multi-factor authentication methods. Educating employees on cybersecurity best practices, such as using strong passwords and monitoring the dark web for leaked data, is vital. Xfinity users were advised to monitor the situation closely, change usernames and passwords, and consider updating Wi-Fi passwords due to increased cyber threats during the holiday season.
Although Comcast did not specify the exact number of users impacted by the breach, a data breach notification to Maine’s attorney general reported that 35,879,455 customers were affected. The breach serves as a reminder of the importance of cybersecurity measures and prompt responses to security vulnerabilities to protect sensitive information and prevent data breaches.
Article Source
https://www.csoonline.com/article/1267774/hackers-steal-data-from-millions-of-xfinity-customers-via-citrix-bleed-vulnerability.html/amp/