Millions of Comcast Xfinity subscribers' individual information – including perchance their usernames, hashed passwords, interaction details, and concealed information question-answers – was apt stolen by 1 aliases much miscreants exploiting Citrix Bleed successful October.
The internet, voice, and cablegram TV supplier this week revealed it had fallen unfortunate to nan captious accusation disclosure bug. Citrix disclosed and patched nan flaw successful its NetScaler gateway appliances connected October 10 earlier urging IT admins to use nan update and kill all progressive and persistent sessions utilizing a bid of commands 3 days later.
By nan extremity of October, "mass exploitation" of Citrix Bleed was underway, and ransomware crews were moving to maltreatment and monetize nan information flaw. The bug tin beryllium exploited to remotely break into firm networks, bargain data, and perpetrate different crimes.
Despite having "promptly patched and mitigated nan Citrix vulnerability wrong its system," during a regular cybersecurity workout connected October 25, "Xfinity discovered suspicious activity," Comcast spokesperson Joel Shadle told The Register today.
The US cablegram elephantine "subsequently wished that betwixt October 16 and October 19, 2023, location was unauthorized entree to its soul systems that was concluded to beryllium a consequence of this vulnerability," Shadle said.
In a privateness breach notification revenge pinch nan Maine Attorney General's agency connected Monday, Comcast said 35.9 cardinal people were affected by nan integer break-in.
Shandle says that number doesn't needfully mean "customers," and that "user IDs" is simply a amended measurement to put it. One customer mightiness person aggregate personification IDs — for different family members, picnic properties, and nan like.
Regardless, it's a monolithic magnitude of people, and perchance each of Xfinity's customers. To put it successful context: successful 2022, Comcast provided high-speed broadband net entree to much than 32 million customers.
After discovering nan intrusion, Xfinity notified national rule enforcement, and by November 16 "determined that accusation was apt acquired," it disclosed. [PDF].
As of December 6, nan perchance stolen customer information includes usernames and hashed passwords, nan net supplier said. Plus, "for immoderate customers" nan crooks besides apt nabbed people's names, interaction information, nan past 4 digits of Social Security numbers, dates of birth, and/or concealed questions and answers.
- 'Mass exploitation' of Citrix Bleed underway arsenic ransomware crews heap in
- Scores of US in installments unions offline aft ransomware infects backend unreality outfit
- Mr Cooper cyberattack laid bare: 14.7M people's info stolen, costs deed $25M
- Cyber-crooks gaffe into Vans, trample complete operations
And nan telco warned: "The information study is continuing."
While your humble vulture is trying really difficult to beryllium a glass-half-full kinda bird, it's difficult to shingle nan emotion that things are gonna get worse.
Xfinity is now requiring subscribers to reset their passwords, and "strongly recommends" enabling two- aliases multi-factor authentication. As always, please don't reuse passwords crossed aggregate accounts.
If you are utilizing nan aforesaid password and information question-answer combo for different services successful summation to Xfinity, prevention yourself immoderate imaginable symptom down nan statement and alteration those for your different accounts, too. ®