Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.
Comcast has notified customers about a 'recent data security incident' tied to a vulnerability in Citrix software that exposed certain customer information, including usernames, dates of birth and partial social security numbers.
December 19, 2023
Comcast said Monday it was notifying customers about a "recent data security incident" stemming from a vulnerability in Citrix software used by the cable operator that exposed certain customer information, including usernames, dates of birth and the last four digits of social security numbers.
In the wake of it, Comcast is requiring customers to reset their passwords and recommending that customers enable two-factor or multi-factor authentication to secure their Xfinity account. Comcast is also recommending that customers change passwords for other accounts for which they use the same username and password or security question. Comcast also pointed out that customers can place a security freeze on their credit reports free of charge.
On October 10, cybersecurity specialist Citrix announced a vulnerability in software that Comcast and thousands of other companies use worldwide and issued more guidance on the issue on October 23. That vulnerability is being widely referred to as "Citrix bleed."
Comcast said it promptly patched and mitigated the Citrix vulnerability within its systems. However, the company discovered suspicious activity during a "routine cybersecurity exercise" on October 25 and determined that there was unauthorized access to its internal systems between October 16-19.
Comcast said it concluded that the unauthorized access was traced to the Citrix vulnerability.
Customer data 'likely acquired'
According to AP, a filing with Maine's office of the attorney general noted that nearly 35.9 million people were affected by the breach, a number that represents individual user IDs. Comcast ended Q3 with about 32.28 million broadband subs, comprised of 29.77 million residential subs and 2.5 million business customers.
Comcast notified federal law enforcement and started an investigation into the nature and scope of the incident and, on November 16, determined that "information was likely acquired."
Comcast said the information in-scope included usernames and "hashed" passwords, which turn plain text passwords into a series of unintelligible numbers and letters. Other information, such as names, contact information, the last four digits of social security numbers, dates of birth and/or secret questions and answers, might also have been included, Comcast said, stressing that its data analysis is continuing.
"We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers," a Comcast official told The Verge. "We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24x7."
In July, the Biden administration released a National Cybersecurity Strategy that included increasing incentives to favor long-term investments into cybersecurity. Additionally, the FCC has proposed the use of a new security labeling program that includes a 'Cyber Trust Mark' to identify IoT products and devices that meet a baseline set of security standards.
Senior Editor, Light Reading
Baumgartner also served as Site Editor for Light Reading Cable from 2007-2013. In between his two stints at Light Reading, he led tech coverage for Multichannel News and was a regular contributor to Broadcasting + Cable. Baumgartner was named to the 2018 class of the Cable TV Pioneers.
You May Also Like
Rethinking AIOPs — It's All About the DataMar 12, 2024
SCTE® LiveLearning for Professionals Webinar™ Series: Fiddling with Fixed WirelessMar 21, 2024
SCTE® LiveLearning for Professionals Webinar™ Series: Cable and 5G: The Odd Couple?Apr 18, 2024
SCTE® LiveLearning for Professionals Webinar™ Series: Delivering the DAA DifferenceMay 16, 2024