:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/WPAWXVV5UFAL3GRQGEKO6FQ7Z4.jpg)
Xfinity customers are being told to reset their passwords after Comcast said that its system had been hacked.
The cable company said that hackers got usernames, “hashed” passwords, names, contact information, birth dates, the last four digits of the customers’ social security numbers and the customers’ secret questions and answers, The Wall Street Journal reported.
The attack happened between Oct. 16 and Oct. 19 and was because of a vulnerability in its Citrix software that allows employees to remotely access corporate networks.
The third-party software provider had said there was a vulnerability only six days before the breach, but recently said the hole has been patched. Comcast found suspicious activity on Oct. 25, six days after the attack.
On Dec. 6, the company discovered what information had been taken.
Comcast said that it serves about 32 million people in the U.S., but the hack may have affected 36 million accounts due to inactive accounts or customers with more than one. This security issue is one of the biggest this year, but there could be more, cybersecurity experts said.
“Anybody that has Citrix for cloud, they’re being hit with it pretty bad,” David Kennedy, founder of TrustedSec, told the Journal.
“We’re just seeing the beginning stages of these companies discovering that they’re breached. We’re going to see a lot more of these companies over the next few weeks and months.”
Comcast said that it hasn’t found any of its customers’ information being leaked, but it is still recommending that people reset their passwords and turn on multifactor authentication, The Associated Press reported.
“The next time you login to your Xfinity account, you will be prompted to change your password, if you haven’t been asked to do so already,” Comcast told its customers.
“In today’s environment, large companies face cybersecurity threats constantly. We have robust security programs in place which help us to discover criminal activity such as this one and to quickly mitigate it. Customers trust us to protect their information, and the company takes this responsibility seriously. We remain committed to investing in technology, protocols and experts dedicated to helping protect our customers.”
If you have questions, you can contact IDX, which is Xfinity’s “incident response provider,” at 888-799-2560 Monday through Friday from 9 a.m. to 9 p.m. EST, or visit the Xfinity website.
/cloudfront-us-east-1.images.arcpublishing.com/cmg/XCUXZC2XYZHCRGNNGKFEX6U3LQ.png)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/IEIDLJGUSJBYPC4PSTRHTXUIWA.png)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/2HSLXH2XLJFE3BW67VQSEKOHKE.jpg)
:quality(70)/d1hfln2sfez66z.cloudfront.net/05-03-2024/t_382a43c747ae43d1b6299d2f93a095d1_name_woman_killed_by_cylinder.jpg)
:quality(70)/d1hfln2sfez66z.cloudfront.net/05-03-2024/t_06f2298b30584188970cc5909dd417a7_name_pghmarathon20245av050324_transfer_frame_98.jpeg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/DOQPB4EGNJDFPNICVK5HOJNDFY.jpeg)