comcast xfininity dara breach

The data of over 36 million Comcast customers has been accessed following a data breach on the company's cable television and internet division, Xfinity. 

In a notice published Monday, Xfinity said “there was unauthorized access” to its systems from October 16th to October 19th, 2023, likely resulting in the theft of customer data including usernames, passwords, contact information, partial social security numbers and more. 

The notice doesn’t say how many Xfinity customers have been impacted, but in a filing with Maine’s attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach. 

Comcast’s most recent earnings report shows the company has over 32 million broadband customers, meaning that this breach has impacted most if not all Xfinity customers.

While Xfinity now says it patched the security flaw, it later uncovered suspicious activity on its internal systems that it says “was concluded to be a result of this vulnerability.”

“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” Xfinity spokesperson Joel Shadle said in a statement. 

“We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24x7.”

CitrixBleed data breach

critixbleed data breach

It’s not yet known whether Xfinity received a ransom demand, how the incident has impacted the company’s systems, or whether the incident has been filed with the US Securities and Exchange Commission. 

The US telecom giant believes the breach comes from a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers about a flaw in software Xfinity and other companies use on October 10th. 

Hackers have used the CitrixBleed vulnerability to attack other big companies including aerospace giant Boeing, the Industrial and Commercial Bank of China, and most recently the international law firm Allen & Overy.

Xfinity is telling its customers to reset their passwords and recommends the use of two-factor or multi-factor authentication for all customer accounts.