Massive Xfinity Data Leak Affects Approximately 36 Million Users

Xfinity, the business division of Comcast Cable, experiences a significant data breach, impacting nearly 36 million of its customers.

Comcast's Xfinity brand has revealed that it suffered a data breach affecting 35.9 million customers. The breach, which occurred between October 16 and October 19, 2023, was the result of the exploitation of a Citrix vulnerability (CVE-2023-4966).

According to a notice published by the Office of the Maine Attorney General, the accessed data includes usernames, hashed passwords, and, for some customers, additional information such as names, contact information, the last four digits of Social Security numbers, dates of birth, and/or secret questions and answers.

Citrix announced the vulnerability on October 10, 2023, and the company promptly patched the software flaw after that announcement. However, the vulnerability had been exploited in the wild as far back as August 2023. Xfinity discovered suspicious activity during a routine cybersecurity exercise on October 25, 2023.

Exploitation of the Citrix vulnerability allowed threat actors to bypass multi-factor authentication (MFA) and hijack user sessions. Xfinity advises customers not to reuse passwords across multiple accounts and recommends enabling MFA for enhanced security.

Xfinity has issued a password reset across all affected accounts and is recommending that customers change passwords for other accounts for which they use the same username and password or security question. The exact number of customers impacted has not been explicitly revealed by Xfinity.

Additional mitigation guidance was issued by Citrix on October 23, 2023. Xfinity determined on November 16 that attackers had accessed customer data. The company is encouraging customers to stay vigilant and monitor their accounts for any suspicious activity.

The image credit for this article is Ken Wolter / Shutterstock.com. Xfinity urges customers to take the necessary steps to protect their personal information and to remain cautious online.
