The Desk appreciates the support of readers who purchase products or services through links on our website. Learn more...

Comcast warns Xfinity customers of likely data breach

Photo of author
By:
Matthew Keys
»

mkeys@thedesk.net

Share:
A Comcast gateway used to provide Internet service under the Xfinity brand. (Courtesy image)
A Comcast gateway used to provide Internet service under the Xfinity brand. (Courtesy image)

Comcast says it has notified federal law enforcement agencies about a data breach that may impact tens of millions of customers.

On Monday, Comcast said it was providing customers of its Xfinity television and broadband services with a notice about the security incident, which involved a technical contractor called Citrix.

The incident happened two months ago, when Citrix told clients about a security exploit that affected thousands of its clients, including Comcast.

The initial announcement was made on October 10, but Citrix didn’t provide clients with a way to fix the issue until October 23, according to Comcast’s notice. Once Comcast was able to implement the patch, it did so, but two days later, the company noticed unusual activity on some of its internal computer systems, suggesting the security issue had already been exploited.

According to Comcast, thieves may have stolen a cache of customer-related information, including usernames, hashed passwords, contact information, the last four digits of a customer’s Social Security number, dates of birth and the answers to their “secret” login questions.

That may not be all the thieves were able to get, Comcast said, affirming that its “data analysis is continuing.”

“Xfinity has required customers to reset their passwords to protect affected accounts,” Comcast said in a statement. “In addition, Xfinity strongly recommends that customers enable two-factor or multifactor authentication to secure their Xfinity account, as many Xfinity customers already do. While Xfinity advises customers not to re-use passwords across multiple accounts, the company is recommending that customers change passwords for other accounts for which they use the same username and password or security question.”

KnowTechie: What Comcast customers need to know about the latest data breach

Comcast said customers who have questions can contact their dedicated call center at 1-888-799-2560, which is open 24 hours a day.

“Customers trust Xfinity to protect their information, and the company takes this responsibility seriously,” a Comcast spokesperson said on Monday. “Xfinity remains committed to continued investment in technology, protocols and experts dedicated to helping to protect its customers.”

Separately, a Comcast spokesperson told reporters that the company was not aware of “any customer data being leaked anywhere, nor of any attacks on our customers.”

“We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24-7,” Comcast spokesperson Joel Shadle said.

Never miss a story

Get free breaking news alerts and twice-weekly digests delivered to your inbox.

We do not share your e-mail address with third parties; you can unsubscribe at any time.

ComcastXfinityXfinity InternetXfinity TV
Photo of author

About the Author:

Matthew Keys

Matthew Keys is the award-winning founder and editor of TheDesk.net, an authoritative voice on broadcast and streaming TV, media and tech. With over ten years of experience, he's a recognized expert in broadcast, streaming, and digital media, with work featured in publications such as StreamTV Insider and Digital Content Next, and past roles at Thomson Reuters and Disney-ABC Television Group.
TheDesk.net is free to read — please help keep it that way.

We rely on advertising revenue to support our original journalism and analysis.
Please disable your ad-blocking technology to continue enjoying our content.

Learn how to disable your ad blocker on: Chrome | Firefox | Safari | Microsoft Edge | Opera | AdBlock plugin

Alternatively, add us as a preferred source on Google to unlock access to this website.

If you think this is an error, please contact us.