Comcast Data Breach May Have Impacted 35.8M User IDs

By published

Comcast is informing its Xfinity customers of a major data breach but says that it is not "aware of any customer data being leaked anywhere"

Getty Images
(Image credit: Getty Images)

PHILADELPHIA—Comcast has been notifying its Xfinity customers that there was an unauthorized access to its internal systems in October that may have compromised data from 35.8 million user IDs. 

The data breach may have given hackers access to such data as passwords, the last four digits of social security numbers, contact details and other information. 

Comcast has about 32 million customers but noted that customers may have multiple user IDs. It is requiring users to change their passwords and is strongly recommending they implement two-factor authentication. 

The problem was created by a previously announced security problem with Citrix software. Citrix announced the problem in October and the data breach occurred between October 16 and 19, prior to Citrix issuing additional mitigation solutions on October 23, 2023.   

Comcast issued a statement saying, “We are providing notice to customers about a data security incident which exploited a vulnerability previously announced by Citrix, a software provider used by Xfinity and thousands of other companies worldwide. We promptly patched and mitigated the vulnerability.  We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers.  In addition, we required our customers to reset their passwords and we strongly recommend that they enable two-factor or multi-factor authentication, as many Xfinity customers already do.  We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24x7.”

In a letter to customers the company said: “At the time Citrix made this announcement, it released a patch to fix the vulnerability. Citrix issued additional mitigation guidance on October 23, 2023. We promptly patched and mitigated our systems. However, we subsequently discovered that prior to mitigation, between October 16 and October 19, 2023, there was unauthorized access to some of our internal systems that we concluded was a result of this vulnerability. We notified federal law enforcement and conducted an investigation into the nature and scope of the incident. On November 16, 2023, it was determined that information was likely acquired.”

CATEGORIES
George Winslow
George Winslow

George Winslow is the senior content producer for TV Tech. He has written about the television, media and technology industries for nearly 30 years for such publications as Broadcasting & Cable, Multichannel News and TV Tech. Over the years, he has edited a number of magazines, including Multichannel News International and World Screen, and moderated panels at such major industry events as NAB and MIP TV. He has published two books and dozens of encyclopedia articles on such subjects as the media, New York City history and economics.

Read more
Family using different internet connected devices
Comcast Boosts Internet Speeds for More Than 20 Million Customers
FCC chair designate Brendan Carr
UPDATED: Incoming FCC Chair Carr Blasts Agency’s Response to Salt Typhoon Cyberattacks
A firefighter battles the Palisades Fire in Los Angeles.
Comcast NBCUniversal Donates $10 Million to Support L.A. Wildfire Relief
Money
West Virginia AG Reaches $119.5 Million Settlement with Altice USA
Paramount logo
Paramount, Comcast Ink New Multiyear Distribution Agreement
New gateway for apartment connectivity
Comcast Unveils New Gateway for `Instant’ Connectivity for Apartments
Latest in Products
Baton QC diagram
Norway’s NRK Improves Operational Efficiency With Interra Systems
Diversified offices in Plano, Texas
Diversified introduces Atlas Orchestrate Cloud Deployment Platform
VENICE Extension System Mini (CBK-3621XS), the latest addition to its CineAlta lineup.
Sony To Feature New VENICE Extension System Mini At 2025 NAB Show
Appear
NAB Show: Appear to Introduce VX Media Gateway
GatesAir
GatesAir to Debut ASTC 3.0 Modulator for LPTV at 2025 NAB Show
WPLG new studio
WPLG Selects Ikegami HDK-X500 Cameras For New Production Studio
Latest in News
Man watching TV showing The Wild Robot
Peacock Added to Charter’s Spectrum TV Select Package at No Extra Cost
Melissa Zimyeski, vice president of product, and Mat Yurow, vice president of growth, Tegna
Tegna Taps Melissa Zimyeski to Lead Development of Digital Consumer Products
Baton QC diagram
Norway’s NRK Improves Operational Efficiency With Interra Systems
AI-powered translation of English captions to Spanish
XL8 Delivers Real-Time Ai-Powered Spanish Captions to U.S. Public Broadcasters
Ateliere Live interface for sports
Ateliere to Debut TAMS Replay Capability at 2025 NAB Show
FCC meeting room lobby
FCC Launches Proceeding on GPS Alternatives
More about equipment
Baton QC diagram

Norway’s NRK Improves Operational Efficiency With Interra Systems
Diversified offices in Plano, Texas

Diversified introduces Atlas Orchestrate Cloud Deployment Platform
Man watching TV showing The Wild Robot

Peacock Added to Charter’s Spectrum TV Select Package at No Extra Cost
See more latest