Comcast subsidiary Xfinity has begun informing its customers of a cyber incident that resulted in customer data being accessed by an unauthorised user.
The company announced that between 16 October and 19 October this year, its systems were accessed by an unauthorised party as a result of the Citrix Bleed vulnerability that was announced on 10 October. Included in the notice of the vulnerability were recommendations to patch immediately.
“Citrix issued additional mitigation guidance on October 23, 2023. Xfinity promptly patched and mitigated the Citrix vulnerability within its systems,” wrote Xfinity in a notice to its customers.
“However, during a routine cyber security exercise on October 25, Xfinity discovered suspicious activity and subsequently determined that between October 16 and October 19, 2023, there was unauthorised access to its internal systems that was concluded to be a result of this vulnerability.”
Xfinity has launched an investigation into the incident and has said that law enforcement has been notified of the breach.
Through further investigation, Xfinity discovered that over 35.8 million customers had been affected (35,879,455, according to a listing by the Office of the Maine Attorney General).
While the investigation into the incident by Xfinity is still ongoing, the company has determined that accessed data includes names, usernames and hashed passwords, contact details, the last four digits of social security numbers, dates of birth and/or secret questions and the answers to them.
The company has said that there is so far no evidence of the accessed data being leaked anywhere, nor any cases of customer data being compromised or used for malicious purposes.
“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” said Joel Shadle, a spokesperson for Xfinity, in an email to The Verge.
“We take the responsibility to protect our customers very seriously and have our cyber security team monitoring 24x7.”
In response to the breach, Xfinity sent its customers password-reset requests and recommended they enable multifactor authentication (MFA). However, the password-change emails have disgruntled many customers, who were sent the request without being informed of the actual breach.
What's the expected duration between a breach and customer notification.
Asking for a friend....and many thousands of friends who are in the middle of a @Xfinity password reset
When the default login page forces a reset and the call center has over a 60 minute wait, we need to…
— Eric Wright (@discoposse) December 12, 2023
Currently, the unauthorised user behind the breach is unknown.