CULTURE Service Services and the Internet XFINITY (division Comcast Corp) reported a cyber attack on their systems that occurred in October.
On October 25, two weeks after Citrix released security updates to address a critical vulnerability known as Citrix Bleed, designated by the identifier CVE-2023-4966, XFINITY discovered traces of malicious activity in their network infrastructure. Hackers reportedly had access to the company’s networks from October 16 to 19. Mandiant, a cybersecurity firm, reported that the exploitation of this vulnerability began at the end of August.
On November 16, XFINITY revealed that as a result of their investigation into the incident, approximately 35,879,455 people had their information compromised. On December 6, the company concluded that the stolen information included user names and hashed passwords. For some customers, additional compromised information may have included names, contact information, the last four digits of social insurance numbers, date of birth, and secret questions along with their answers.
It is worth noting that a year ago, XFINITY customer accounts were also hacked during mass attacks that involved the selection of accounting data. This allowed attackers to gain access to passwords for other services, including cryptocurrency exchanges such as Coinbase and Gemini.
XFINITY representatives emphasized that the company’s operations were not affected during the attack, and no ransom demands were made afterwards. While the company may not consider the incident to be severe, given the large number of affected customers, XFINITY advised users to reset their account passwords and enable two-factor authentication as a precautionary measure.