Comcast data breach

Pro Search

3 steps completed
Comcast-owned Xfinity experienced a significant data breach that affected nearly 36 million customers. The breach was due to a vulnerability in software provided by Citrix, known as "CitrixBleed"12310. The unauthorized access to Comcast's internal systems occurred between October 16 and 19, 2023, and was discovered during a routine cybersecurity exercise on October 25, 202312681011. The information acquired by the hackers included usernames and hashed passwords. For some customers, other data may have also been compromised, such as names, contact information, the last four digits of Social Security numbers, dates of birth, and/or secret questions and answers123456789101112. Comcast began notifying customers of the data breach on Monday, December 18, 2023, through various channels, including the Xfinity website, email, and news media1289. The company has required customers to reset their passwords and strongly recommends enabling two-factor or multi-factor authentication3469. As of the date of the breach announcement, Comcast stated that it was not aware of any customer data being leaked or of any attacks on its customers349. However, the full scope, nature, and impact of the incident are still under investigation2712. If you are an Xfinity customer, it is recommended to reset your password and enable two-factor or multi-factor authentication. If you've been using the same password elsewhere, make sure to change it across the board and use different passwords for every service going forward58.
what information was compromised in the comcast data breach
what steps is comcast taking to address the data breach
how can customers protect themselves after the comcast data breach