Comcast has confirmed that hackers who exploited a security vulnerability rated critical gained access to sensitive information of approximately 36 million Xfinity customers.
The vulnerability, known as CitrixBleed, was discovered in Citrix networking devices commonly used by large enterprises and has been widely exploited by hackers since late August. Citrix made the patch available in early October, but many organizations did not apply the patch in time. Hackers used the CitrixBleed vulnerability to hack high-profile victims including aerospace giant Boeing, Industrial and Commercial Bank of China, and international law firm Allen & Overy.
Comcast’s cable TV and Internet division, Xfinity, has become the latest victim of CitrixBleed, the company has confirmed. Notice to customers on monday.
The US telecommunications giant said hackers who exploited a CitrixBleed vulnerability accessed its internal systems from October 16th to October 19th, but the company did not detect any “malicious activity” until October 25th. Stated.
By Nov. 16, Xfinity had determined that “information may have been obtained” by the hackers, and in December that it had determined that this included customer data, including usernames and “hashed” passwords. concluded that they were scrambled and stored in an unreadable manner. To humans. It is not immediately clear how the password was scrambled or what algorithm was used, as some weak hashing algorithms can be cracked.
The company said the hackers may have also accessed the names, contact information, dates of birth, last four digits of Social Security numbers, and security questions and answers for an unspecified number of customers.
Comcast said it “continues to analyze our data and will provide additional notifications as appropriate,” suggesting other types of data may have been accessed as well.
The notice did not say how many Xfinity customers would be affected, and Comcast spokesperson Joel Shadle declined to comment when asked by TechCrunch.in Filings with the Maine Attorney General, Comcast confirmed that approximately 35.8 million customers were affected by this breach.Comcast Latest earnings report The company has more than 32 million broadband customers, suggesting this breach affected most, if not all, Xfinity customers.
Whether Xfinity received a ransom demand, how the incident affected the company’s operators, and whether the incident was reported to the U.S. Securities and Exchange Commission, as required by the regulator’s new data breach reporting rules. It is still unclear whether it was submitted. A Comcast spokesperson declined to comment.
Xfinity says it requires customers to reset their passwords and recommends the use of two-factor or multi-factor authentication (which the company does not require by default) for all customer accounts.
Source: techcrunch.com
