In a notice to customers, Xfinity announced that there was unauthorized access to internal systems because of this vulnerability between Oct. 16 and 19, 2023.
The alleged software vulnerability was previously announced by software provider Citrix.
Xfinity discovered the "suspicious activity on Oct. 25 and in the succeeding months concluded that the hackers "likely acquired" data.
On Dec. 6, Xfinity said the accessed information included customer usernames and hashed passwords. The hackers also acquired data such as the last four digits of Social Security numbers, account security questions, birthdates and contact information of some customers.
An investigation on the breach is still ongoing, but in a statement, Xfinity claimed that it is "not aware of any customer data being leaked anywhere, nor of any attacks on our customers."
Xfinity also advised customers to reset their passwords and strongly recommended two-factor or multifactor authentication to boost account security.
A filing with Maine's office of the Attorney General revealed that at least 35.9 million people were affected by the breach. The company declined to confirm a specific number, but it said that the filing's figure represents user IDs.
According to a recent earnings release, Philadelphia-based Comcast has more than 32 million broadband customers.
Human knowledge is under attack! Governments and powerful corporations are using censorship to wipe out humanity's knowledge base about nutrition, herbs, self-reliance, natural immunity, food production, preparedness and much more. We are preserving human knowledge using AI technology while building the infrastructure of human freedom. Use our decentralized, blockchain-based, uncensorable free speech platform at Brighteon.io. Explore our free, downloadable generative AI tools at Brighteon.AI. Support our efforts to build the infrastructure of human freedom by shopping at HealthRangerStore.com, featuring lab-tested, certified organic, non-GMO foods and nutritional solutions.
Aside from Xfinity, Citrix provides software to thousands of companies around the world. The vulnerability, named "Citrix Bleed," has also been associated with other hacks targeting the Industrial and Commercial Bank of China's New York arm and a Boeing subsidiary, among others.
Under new rules, the Securities Exchange Commission (SEC) now requires public companies to disclose all cybersecurity breaches that could affect their bottom lines at least within four days of determining a breach is material.
As of Dec. 19, there were no SEC filings from Comcast about the data breach and the company did not immediately address it. (Related: Apple releases emergency software update after Pegasus spyware breach.)
As technology advances and hackers become more determined, data breaches have become more common. Follow the internet safety tips below to help improve your account security and protect your account information:
Hackers often have a great success rate even if they only steal a batch of username and password combinations from one source because they can then steal information by trying those same combinations on other accounts.
For example, hackers can get your username and password by hacking an email provider. They will then try to log into banking sites or major online stores using the same username and password combination.
The best way to prevent one data breach from having a catastrophic domino effect is to always use a strong and unique password for all your online accounts.
Multi-factor authentication adds one more step to account log-ins, but it can help make your accounts more secure. Multi-factor authentication means you need to pass another layer of authentication, not just a username and password, to access your accounts.
If the data or personal information in your account is sensitive or valuable, and the account offers multi-factor authentication, it's best to enable it. Online services like Gmail and Dropbox offer multi-factor authentication.
Multi-factor authentication verifies your identity using at least two out of three different forms of authentication:
Visit CyberWar.news for similar stories about hacking and cyber attacks.
Watch the video below discussing the truth about the New Zealand vaccine data breach.
This video is from the Tammy Cuthbert Garcia channel on Brighteon.com.
Google allows users to have their explicit photos removed from search results.
Pizza Hut Australia HACKED! Data security breach exposes customers’ personal information.
Hunter Biden sues IRS whistleblowers for BREACH OF PRIVACY over tax probe.
Sources include: