Comcast hit by huge data breach: everything you need to know
Comcast is the latest company to disclose a serious data breach that could involve the theft of customers’ personal information.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
If you subscribe to Comcast’s Xfinity TV or Xfinity Internet services, now might be a good time to change your password.
This week, the company issued a press release affirming it was the victim of a data breach after one of its software vendors discovered a security bug that was being actively exploited by hackers.
The press release was issued when Comcast started notifying Maine regulators about the cybersecurity incident involving customer data theft, as required by state law.
Comcast is expected to distribute similar notices in states with near-identical laws on the books and where it operates its Xfinity services.
Here is a look at what exactly happened, what Comcast is doing about the situation, and what steps you need to take to protect yourself.
What happened?
The situation began unfolding in early October at a software company called Citrix, which provides tech-related services to thousands of enterprise customers like Comcast.
Specifically, Citrix discovered that one of its products, Citrix NetScaler, had a serious security bug that allowed hackers to grab authentication tokens from the onboard memory of devices using the software.
Once a hacker obtained the authentication token, they essentially had access to a company’s NetScaler platform.
To make matters even worse, the same exploit was also found to affect Citrix Gateway, a similar service that allows companies to remotely — and, supposedly, securely — access parts of their technical infrastructure.
Citrix published a security bulletin on October 10, notifying clients like Comcast about the situation.
However, researchers believe the exploit was actively being used by hackers as early as August, giving them plenty of time to target government users and corporations that rely on the two Citrix products.
How does Comcast fit into all of this?
Comcast didn’t say which Citrix products it uses, but given that the company offers residential and enterprise broadband Internet services, it’s fair to assume Comcast probably uses both NetScaler and Gateway as part of its business.
In a press release issued on Monday, Comcast said it received guidance from Citrix on two occasions — October 10 and October 23 — with information about how to fix the security problem.
On October 25, Comcast said it was performing a “routine cybersecurity exercise,” and that is when it discovered that hackers likely gained access to its internal systems between October 16 and October 19.
“Xfinity notified federal law enforcement and initiated an investigation into the nature and scope of the incident,” a Comcast spokesperson said in a statement.
What kind of information was supposedly taken?
It took Comcast nearly three weeks to conclude that “information was likely acquired,” which may include the personal information of some of its Xfinity TV, Xfinity Internet, and Xfinity Mobile subscribers.
That information could include:
- A customer’s name
- A customer’s address and other contact information
- The last four digits of a customer’s Social Security number
- A customer’s date of birth
- Usernames and “hashed” passwords, meaning passwords stored in a one-way scrambled form rather than as plain text
- The answers to a customer’s “secret” login question(s)
Comcast said the findings are not conclusive, and its “data analysis is continuing.” But, since the company apparently has information that leads it to believe customer information was “likely acquired,” it began notifying state government officials and customers accordingly.
It isn’t clear why Comcast waited nearly a full month to notify customers after reaching the conclusion that the personal data of Xfinity subscribers may have been compromised.
A Comcast spokesperson has not yet returned an email seeking more information on that point.
What should Comcast customers do?
Change your Comcast Xfinity password
Comcast said it is proactively requiring some customers to reset their passwords when they try to log on to the Xfinity website and related apps.
If a customer gets this prompt, it doesn’t necessarily mean their account information was compromised, only that it could have been.
If you’re a Comcast customer, it’s probably a good idea to change the password on the Xfinity website and any other account where that password may have been reused.
Stop reusing the same password
Since most of us live in the real world, where no one actually uses a different password for every account, signing up for a password manager like Bitwarden or NordPass is a good idea.
Password managers offer a safe (for the most part) way to manage different passwords from a single secure service.
Some — like NordPass and 1Password — will even warn you if you’re using an insecure password or reusing a password across different services.
Turn on “Two-factor authentication” wherever it is offered.
Two-factor authentication (2FA) is an extra layer of security that, coupled with a hard-to-guess password, makes it extremely difficult for hackers to gain access to your online accounts.
In most cases, two-factor authentication involves sending a six-digit code to your phone, usually by text message (though, in some cases, you can also opt for a phone call).
There are also apps that will generate two-factor authentication codes for e-mail services, social media accounts, and others.
Two-factor authentication should always be turned on for services where hackers:
- Could steal your money (think bank accounts or services where you pay for things online, like Amazon, your home Internet provider, etc.).
- Could steal your personal data, like billing information, irreplaceable photos, or email messages.
Xfinity customers looking to add two-factor authentication to their accounts can follow along with this guide via the Xfinity website.
Keep an eye on your credit report and score.
While Comcast says it isn’t aware of anyone actively using the personal information of Xfinity subscribers, some data like names, addresses, birthdates, and Social Security numbers can be used by hackers to open loans, credit lines, and bank accounts.
Most banks, credit unions, and credit card companies offer a limited amount of credit monitoring and alerts to customers for free; if they don’t, Experian offers free basic credit monitoring.
Wrapping this all up
Comcast’s recent acknowledgment of a data breach serves as a critical reminder of the digital vulnerabilities that exist even within large corporations.
With all that said, act now: change your Xfinity password, stop reusing passwords, and turn on two-factor authentication. Stay vigilant to protect your personal info from cyber threats.