Comcast says hackers stole data of close to 36 million Xfinity customers::Hackers exploited a known but unpatched flaw, allowing hackers access to the sensitive information of almost 36 million Comcast customers.
Basically this data included customer details on 36 million customers, and Xfinity only has 32 million active customers…
They’ve already admitted it includes all plaintext customer details (names, address, last 4 SSN, etc.), and their password hashes, but no info on what hashing function was used to make them, or if they were salted.
This is just what they’ve admitted. Who wants to place bets on whether they also got all the customer data that shouldn’t be legal to collect, but is e.g. browsing habits, traffic analysis, user/household metadata?
They don’t seem to allow account deletions. Does it mean that this could include accounts that they still keep but people don’t use their services anymore?
It could be account information from partnerships e.g. bundles, old customers, subsidiary companies, or something else entirely.
Your guess is as good as mine.
I would expect that number to be much higher than 4 million.
Imagine if your connection history got leaked by this.
“Whoa holy shit this dude looks at a fucking ton of yiff every day”
(not me since I use an encrypted DNS provider… but someone like me)
a good reason to always have your vpn on
That way your info only gets exposed when the VPN sells it
Depends on what VPN
only if you choose one that logs data.
an ISP-only approach is objectively worse in every way: not only you often don’t even have an option to choose between them, but they have all your private info, are subject to your country’s laws, and they’re known to log and report data to 3 letter agencies, data that can probably also be stolen or purchased by other bad actors.
with their website taking inexplicably long (~1min) to load a simple user settings page, I’m considering practicing some pentesting to be able to change my own info.
I’m so used to having my personal info leaked. Sony, T-Mobile, Experian, LastPass, Comcast… what an incredible world we live in.
Can i have yer credit card number?
Sure, it’s available in several databases you can find on some very credible sites 🤣
I was wondering why they just forced a password change.
Oh no, this will surely tarnish Comcast’s spotless reputation.
