Comcast Xfinity customers may have had their personal information compromised in a hack this fall
The cable and internet provider prompted customers to change their passwords after the breach, which came through Citrix, software used for remote work. A spokesperson said no data has been leaked.
Comcast Xfinity customers are being prompted to change their account passwords this week in light of an October data breach.
The Philadelphia-based cable and internet giant announced the hack Monday in a public notice to customers, saying that some of their personal information may have been acquired.
“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” Comcast spokesperson Joel Shadle said in a statement. “We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24x7.”
Nearly 36 million users have been affected, according to in a data breach notification Comcast filed with the Maine attorney general.
After an investigation, the company determined earlier this month that information accessed by hackers could include: customers’ usernames, contact information, last four digits of Social Security numbers, dates of birth, questions and answers to account security questions, and hashed passwords, which, as a security measure, are algorithmically converted into a random string of characters to prevent misuse.
The incident was the result of a vulnerability in Citrix, which provides remote-work software to Comcast and thousands of other companies, including Boeing and the Industrial and Commercial Bank of China, the world’s largest bank. Both of those corporations were hit this fall by hackers from a ransomware group exploiting the Citrix vulnerability, known as Citrix Bleed by cybersecurity officials.
Comcast said it “promptly patched and mitigated” its systems after Citrix announced the vulnerability, released a patch, and issued mitigation guidance in mid-October. Shortly after, however, Comcast said it discovered there had been “unauthorized access to some of our internal systems” between Oct. 16 and 19, before it had taken steps to mitigate the issue.
The company notified federal authorities, according to the notice, and began an investigation into “the nature and scope of the incident.”
About a month ago, on Nov. 16, officials determined that hackers had likely acquired some information. On Dec. 6, the company determined what kind of customer information may have been accessed.
“However, our data analysis is continuing, and we will provide additional notices as appropriate,” the company wrote.
Comcast is prompting customers to change their Xfinity passwords and suggesting they do so on any other accounts that use the same password. Officials there are also encouraging customers to use multifactor authentication — which involves confirming your identity with a text, email, or phone call before logging in.
Several Xfinity customers on Tuesday said they had not yet received an email with the public notice, or an email prompting them to change their password. As of Tuesday morning, customers were being directed to change their passwords only when they logged in to their online accounts.
“We know that you trust Xfinity to protect your information, and we can’t emphasize enough how seriously we are taking this matter,” the company wrote in its notice. “We remain committed to continue investing in technology, protocols and experts dedicated to helping to protect your data and keeping you, our customer, safe.”