©Just_Super via Canva.com
Comcast’s Xfinity Faces a Massive Data Breach
December 20, 2023
Comcast’s Xfinity has been hit by a major data breach. The telecom giant recently reported a “data security incident” affecting its users, with unauthorized access to its systems between Oct. 16 and Oct. 19, 2023. The stolen data included customer usernames, encrypted passwords, contact details, fragments of social security numbers, and more.
“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers. We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24×7.”
Joel Shadle , Xfinity spokesperson, via The Verge
According to BleepingComputer, the breach notice released in Maine revealed that a staggering 35,879,455 people globally were impacted. That’s over 50,000 people in the state of Maine alone.
The breach was traced back to a security flaw in the cloud company Citrix’s software, which is widely used by Xfinity and various other corporations. Citrix had issued an advisory regarding the vulnerability, now called “Citrix Bleed,” on Oct. 10, urging companies to implement a patch as swiftly as possible. Despite the alert, it seems Xfinity’s measures were a step too late.
Xfinity did apply the recommended patch, but subsequent investigations revealed suspicious activities on its networks. It was deduced that these irregularities were the direct result of the “Citrix Bleed.” It wasn’t until Oct. 18 that security research firm, Mandiant, announced that the vulnerability was under “active exploitation,” alerting the community about the threat.
Stolen data in this breach encompassed usernames and hashed passwords and, for some unfortunate customers, also extended to their names, contact details, the last four digits of their social security numbers, birth dates, and even secret question-answer pairs.
Following these security breach revelations, Xfinity is taking action to protect its customers. The company has reported the matter to federal law enforcement and continuing its analysis of the breached data. When users next log into their accounts, Xfinity will ask them to change their passwords. The company is also promoting the use of two-factor authentication to add an extra layer of security. Details of Xfinity’s announcement can be found on its website.
Recent News
Media Giants Depend on Sports As Content Shortages Rise
As Hollywood emerges from last year’s strikes, major media companies are turning to live sports to attract audiences and advertisers. This trend was evident during this year’s Upfront presentations, where media giants showcased their upcoming content and advertising opportunities.
New Trader Joe’s Opens in SF After 10 Years
San Francisco’s Hayes Valley neighborhood welcomed a highly anticipated new addition on May 17, 2024, with the grand opening of a Trader Joe’s at 555 Fulton St., on the corner of Laguna Street. This event marks the end of a decade-long wait for residents who have been eagerly looking forward to a new grocery store in their area.
China’s Property Market Boost: Stocks Surge, Copper Hits Highs
The Chinese government unveiled a comprehensive support package that has sent ripples through financial markets. This initiative includes a slew of measures aimed at stimulating housing demand and addressing the excess inventory burdening developers. The immediate impact was a significant rally in Chinese stocks and a surge in commodity prices, notably copper, which hit record highs.
Mercedes-Benz Workers in Alabama Reject Union
In a pivotal moment for autoworkers in the southern United States, employees at a Mercedes-Benz plant in Alabama have voted against joining the United Auto Workers (UAW) union. The outcome, with 56% of workers voting against unionization and 44% in favor, comes as a significant setback for the UAW’s efforts to expand its influence in the region.