Discussion:
Comcast hacked in October...
(too old to reply)
Nil
2023-12-19 17:29:58 UTC
Permalink
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
it. Despite their claim, I was never notified:

"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023

https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/

and

December 18, 2023 04:30 PM Eastern Standard Time

PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
security incident. Starting today, customers are being notified through a
variety of channels, including through the Xfinity website, email, and news
media.

On October 10, 2023, Citrix announced a vulnerability in software used by
Xfinity and thousands of other companies worldwide. Citrix issued additional
mitigation guidance on October 23, 2023. Xfinity promptly patched and
mitigated the Citrix vulnerability within its systems. However, during a
routine cybersecurity exercise on October 25, Xfinity discovered suspicious
activity and subsequently determined that between October 16 and
October 19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."

https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/
Retirednoguilt
2023-12-19 17:59:43 UTC
Permalink
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
security incident. Starting today, customers are being notified through a
variety of channels, including through the Xfinity website, email, and news
media.
On October 10, 2023, Citrix announced a vulnerability in software used by
Xfinity and thousands of other companies worldwide. Citrix issued additional
mitigation guidance on October 23, 2023. Xfinity promptly patched and
mitigated the Citrix vulnerability within its systems. However, during a
routine cybersecurity exercise on October 25, Xfinity discovered suspicious
activity and subsequently determined that between October 16 and
October 19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/
I never was notified either. Maybe our accounts weren't among those
believed to be affected. It's been too long now since we registered
with Comcast for service to remember, but I doubt they required much
besides our names, postal addresses, and the account that pays their
bill. For that matter, anyone who receives a check from me has that
account number as well. I don't believe in jinxes, so I'll say that in
the 36 years I've had that checking account, there's never been any
fraudulent activity. In any case, the bank says in writing that they
will make depositors whole for money stolen from any of their banking
products. Makes me think why the central clearing house still requires
banks to print the full account number on each check in open digits.
Seems a bar code or QR code would also enable automated reading and be
safer for account holders.
Adam H. Kerman
2023-12-19 18:43:20 UTC
Permalink
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
Yes, I was forced to change a password. No, I wasn't notified about the
hack.
Post by Nil
. . .
m***@comcast.net
2023-12-19 20:00:21 UTC
Permalink
On Tue, 19 Dec 2023 18:43:20 -0000 (UTC), "Adam H. Kerman"
Post by Adam H. Kerman
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
Yes, I was forced to change a password. No, I wasn't notified about the
hack.
Post by Nil
. . .
Yes, I had to change my password. The message I got was something
like "It's been a while since you changed your password so now it's
time". No mention of any hack.
Hiram T Schwantz
2023-12-21 22:16:43 UTC
Permalink
On Tue, 19 Dec 2023 12:29:58 -0500, Nil posted for all of us to digest...
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
security incident. Starting today, customers are being notified through a
variety of channels, including through the Xfinity website, email, and news
media.
On October 10, 2023, Citrix announced a vulnerability in software used by
Xfinity and thousands of other companies worldwide. Citrix issued additional
mitigation guidance on October 23, 2023. Xfinity promptly patched and
mitigated the Citrix vulnerability within its systems. However, during a
routine cybersecurity exercise on October 25, Xfinity discovered suspicious
activity and subsequently determined that between October 16 and
October 19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/
I had to change my password(s). I had to call and they would issue a code. The
administrative account was invalid.

I have also trying to have them turn the spam blocker off for two sites that
send wanted email since October of course Comcast blame the email sender.
--
Hiram
Hiram T Schwantz
2023-12-21 22:17:49 UTC
Permalink
On Thu, 21 Dec 2023 17:16:43 -0500, Hiram T Schwantz posted for all of us to
digest...
Post by Hiram T Schwantz
On Tue, 19 Dec 2023 12:29:58 -0500, Nil posted for all of us to digest...
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
security incident. Starting today, customers are being notified through a
variety of channels, including through the Xfinity website, email, and news
media.
On October 10, 2023, Citrix announced a vulnerability in software used by
Xfinity and thousands of other companies worldwide. Citrix issued additional
mitigation guidance on October 23, 2023. Xfinity promptly patched and
mitigated the Citrix vulnerability within its systems. However, during a
routine cybersecurity exercise on October 25, Xfinity discovered suspicious
activity and subsequently determined that between October 16 and
October 19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/
I had to change my password(s). I had to call and they would issue a code. The
administrative account was invalid.
I have also trying to have them turn the spam blocker off for two sites that
send wanted email since October 22 of course Comcast blames the email sender.
--
Hiram
Boris
2024-01-02 19:16:26 UTC
Permalink
Post by Nil
I was going to ask here if anyone else had been recently forced by
Xfinity to change their password. Both of my two email accounts had
had the same password for a few years, so it really was about time,
but it seemed like something had happened on their end for them to
force a change on the same day with no explanation. Then, today, I
read this, which probably explains it. Despite their claim, I was
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-cu
stomers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent
data security incident. Starting today, customers are being notified
through a variety of channels, including through the Xfinity website,
email, and news media.
On October 10, 2023, Citrix announced a vulnerability in software used
by Xfinity and thousands of other companies worldwide. Citrix issued
additional mitigation guidance on October 23, 2023. Xfinity promptly
patched and mitigated the Citrix vulnerability within its systems.
However, during a routine cybersecurity exercise on October 25,
Xfinity discovered suspicious activity and subsequently determined
that between October 16 and October 19, 2023, there was unauthorized
access to its internal systems that was concluded to be a result of
this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Cust
omers-of-Data-Security-Incident/
About two weeks ago, Comcast made me change my password. The only reason
given was that it was 'old', and time to change.

Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how and what
to do to protect one's self, with links to the three credit reporting
bureaus. It was a loooong email.

Seems to me the "Notice of Data Security Incident" should have been sent
out about two weeks ago.

I have Comcast set up at two other locations. Wonder when notices will
arrive there.
Nil
2024-01-03 23:39:28 UTC
Permalink
Post by Boris
Post by Nil
I was going to ask here if anyone else had been recently forced
by Xfinity to change their password. Both of my two email
accounts had had the same password for a few years, so it really
was about time, but it seemed like something had happened on
their end for them to force a change on the same day with no
explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
on-cu stomers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
recent data security incident. Starting today, customers are
being notified through a variety of channels, including through
the Xfinity website, email, and news media.
On October 10, 2023, Citrix announced a vulnerability in software
used by Xfinity and thousands of other companies worldwide.
Citrix issued additional mitigation guidance on October 23, 2023.
Xfinity promptly patched and mitigated the Citrix vulnerability
within its systems. However, during a routine cybersecurity
exercise on October 25, Xfinity discovered suspicious activity
and subsequently determined that between October 16 and October
19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To
-Cust omers-of-Data-Security-Incident/
About two weeks ago, Comcast made me change my password. The only
reason given was that it was 'old', and time to change.
Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how
and what to do to protect one's self, with links to the three
credit reporting bureaus. It was a loooong email.
Seems to me the "Notice of Data Security Incident" should have
been sent out about two weeks ago.
I have Comcast set up at two other locations. Wonder when notices
will arrive there.
Interesting. According to the article, the breach occurred last
October, so they should have notified everybody long before now. I
guess it's good that you finally were notified, but I still haven't
been. I guess they consider that to be progress??

Maybe there was yet another breach in the meantime!
Hiram T Schwantz
2024-01-10 22:25:49 UTC
Permalink
On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...
Post by Nil
Post by Boris
Post by Nil
I was going to ask here if anyone else had been recently forced
by Xfinity to change their password. Both of my two email
accounts had had the same password for a few years, so it really
was about time, but it seemed like something had happened on
their end for them to force a change on the same day with no
explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
on-cu stomers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
recent data security incident. Starting today, customers are
being notified through a variety of channels, including through
the Xfinity website, email, and news media.
On October 10, 2023, Citrix announced a vulnerability in software
used by Xfinity and thousands of other companies worldwide.
Citrix issued additional mitigation guidance on October 23, 2023.
Xfinity promptly patched and mitigated the Citrix vulnerability
within its systems. However, during a routine cybersecurity
exercise on October 25, Xfinity discovered suspicious activity
and subsequently determined that between October 16 and October
19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To
-Cust omers-of-Data-Security-Incident/
About two weeks ago, Comcast made me change my password. The only
reason given was that it was 'old', and time to change.
Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how
and what to do to protect one's self, with links to the three
credit reporting bureaus. It was a loooong email.
Seems to me the "Notice of Data Security Incident" should have
been sent out about two weeks ago.
I have Comcast set up at two other locations. Wonder when notices
will arrive there.
Interesting. According to the article, the breach occurred last
October, so they should have notified everybody long before now. I
guess it's good that you finally were notified, but I still haven't
been. I guess they consider that to be progress??
Maybe there was yet another breach in the meantime!
Are you implying that Comcast has "speed"?
--
Hiram
Retirednoguilt
2024-01-11 14:22:38 UTC
Permalink
Post by Hiram T Schwantz
On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...
Post by Nil
Post by Boris
Post by Nil
I was going to ask here if anyone else had been recently forced
by Xfinity to change their password. Both of my two email
accounts had had the same password for a few years, so it really
was about time, but it seemed like something had happened on
their end for them to force a change on the same day with no
explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
on-cu stomers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
recent data security incident. Starting today, customers are
being notified through a variety of channels, including through
the Xfinity website, email, and news media.
On October 10, 2023, Citrix announced a vulnerability in software
used by Xfinity and thousands of other companies worldwide.
Citrix issued additional mitigation guidance on October 23, 2023.
Xfinity promptly patched and mitigated the Citrix vulnerability
within its systems. However, during a routine cybersecurity
exercise on October 25, Xfinity discovered suspicious activity
and subsequently determined that between October 16 and October
19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To
-Cust omers-of-Data-Security-Incident/
About two weeks ago, Comcast made me change my password. The only
reason given was that it was 'old', and time to change.
Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how
and what to do to protect one's self, with links to the three
credit reporting bureaus. It was a loooong email.
Seems to me the "Notice of Data Security Incident" should have
been sent out about two weeks ago.
I have Comcast set up at two other locations. Wonder when notices
will arrive there.
Interesting. According to the article, the breach occurred last
October, so they should have notified everybody long before now. I
guess it's good that you finally were notified, but I still haven't
been. I guess they consider that to be progress??
Maybe there was yet another breach in the meantime!
Are you implying that Comcast has "speed"?
Their lawyers probably insisted that Comcast act promptly to minimize
exposure to lawsuits claiming losses due to negligence to promptly
notify the customers.
Hiram T Schwantz
2024-01-11 22:20:55 UTC
Permalink
On Thu, 11 Jan 2024 09:22:38 -0500, Retirednoguilt posted for all of us to
digest...
Post by Retirednoguilt
Post by Hiram T Schwantz
On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...
Post by Nil
Post by Boris
Post by Nil
I was going to ask here if anyone else had been recently forced
by Xfinity to change their password. Both of my two email
accounts had had the same password for a few years, so it really
was about time, but it seemed like something had happened on
their end for them to force a change on the same day with no
explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
on-cu stomers/
and
December 18, 2023 04:30 PM Eastern Standard Time
PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
recent data security incident. Starting today, customers are
being notified through a variety of channels, including through
the Xfinity website, email, and news media.
On October 10, 2023, Citrix announced a vulnerability in software
used by Xfinity and thousands of other companies worldwide.
Citrix issued additional mitigation guidance on October 23, 2023.
Xfinity promptly patched and mitigated the Citrix vulnerability
within its systems. However, during a routine cybersecurity
exercise on October 25, Xfinity discovered suspicious activity
and subsequently determined that between October 16 and October
19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."
https://www.businesswire.com/news/home/20231218979935/en/Notice-To
-Cust omers-of-Data-Security-Incident/
About two weeks ago, Comcast made me change my password. The only
reason given was that it was 'old', and time to change.
Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how
and what to do to protect one's self, with links to the three
credit reporting bureaus. It was a loooong email.
Seems to me the "Notice of Data Security Incident" should have
been sent out about two weeks ago.
I have Comcast set up at two other locations. Wonder when notices
will arrive there.
Interesting. According to the article, the breach occurred last
October, so they should have notified everybody long before now. I
guess it's good that you finally were notified, but I still haven't
been. I guess they consider that to be progress??
Maybe there was yet another breach in the meantime!
Are you implying that Comcast has "speed"?
Their lawyers probably insisted that Comcast act promptly to minimize
exposure to lawsuits claiming losses due to negligence to promptly
notify the customers.
I think you nailed it. They have a lot of money therefore a lot of lawyers.
--
Hiram
Gary
2024-01-22 14:28:26 UTC
Permalink
Post by Nil
I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
The focus at "woke" corporations is on DEI, not your account security. Fact!
Nil
2024-01-22 17:18:52 UTC
Permalink
Post by Gary
Post by Nil
I was going to ask here if anyone else had been recently forced
by Xfinity to change their password. Both of my two email
accounts had had the same password for a few years, so it really
was about time, but it seemed like something had happened on
their end for them to force a change on the same day with no
explanation. Then, today, I read this, which probably explains
"Comcast says hackers stole data of close to 36 million Xfinity
customers" - 7:45 AM EST December 19, 2023
https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
on-customers/
The focus at "woke" corporations is on DEI, not your account
security. Fact!
Bullshit.

Loading...