
Comcast hit by massive data breach: everything you need to know


If you subscribe to Comcast’s Xfinity TV or Xfinity Internet services, now might be a good time to change your password.

This week, the company issued a press release affirming it was the victim of a data breach after one of its software vendors discovered a security bug that was being actively exploited by hackers.

The press release was issued when Comcast started notifying Maine regulators about the cybersecurity incident involving customer data theft, as required by state law.

Comcast is expected to distribute similar notices in states with near-identical laws on the books and where it operates its Xfinity services.

Here is a look at what exactly happened, what Comcast is doing about the situation, and what steps you need to take to protect yourself.

What happened?

The situation began unfolding in early October at a software company called Citrix, which provides tech-related services to thousands of enterprise customers like Comcast.

Specifically, Citrix discovered that one of its products, Citrix NetScaler, had a serious security bug that allowed hackers to grab authentication tokens from the onboard memory of devices running the software.

Once a hacker obtained the authentication token, they essentially had access to a company’s NetScaler platform.

To make matters even worse, the same exploit was also found to affect Citrix Gateway, a similar service that allows companies to remotely — and, supposedly, securely — access parts of their technical infrastructure.

Citrix published a security bulletin on October 10, notifying clients like Comcast about the situation.

However, researchers believe the exploit was actively being used by hackers as early as August, giving them plenty of time to target government users and corporations that rely on the two Citrix products.


How does Comcast fit into all of this?

Comcast didn’t say which Citrix products it uses, but given that the company offers residential and enterprise broadband Internet services, it’s fair to assume Comcast probably uses both NetScaler and Gateway as part of its business.

In a press release issued on Monday, Comcast said it received guidance from Citrix on two occasions — October 10 and October 23 — with information about how to fix the security problem.

Comcast said that on October 25, while performing a “routine cybersecurity exercise,” it discovered that hackers likely gained access to its internal systems between October 16 and October 19.

“Xfinity notified federal law enforcement and initiated an investigation into the nature and scope of the incident,” a Comcast spokesperson said in a statement.

What kind of information was supposedly taken?

It took Comcast nearly three weeks to conclude that “information was likely acquired,” which may include the personal information of some of its Xfinity TV, Xfinity Internet, and Xfinity Mobile subscribers.

That information could include:

  • A customer’s name
  • A customer’s address and other contact information
  • The last four digits of a customer’s Social Security number
  • A customer’s date of birth
  • Usernames and “hashed,” or encrypted, passwords
  • The answers to a customer’s “secret” login question(s)

Comcast said the findings are not conclusive, and its “data analysis is continuing.” But, since the company apparently has information that leads it to believe customer information was “likely acquired,” it began notifying state government officials and customers accordingly.

It isn’t clear why Comcast waited nearly a full month to notify customers after reaching the conclusion that the personal data of Xfinity subscribers may have been compromised.

A Comcast spokesperson has not yet returned an email seeking more information on that point.

What should Comcast customers do?

Change your Comcast Xfinity password

Comcast said it is proactively requiring some customers to reset their passwords when they try to log on to the Xfinity website and related apps.

If a customer gets this prompt, it doesn’t necessarily mean their account information was compromised, only that it could have been.

If you’re a Comcast customer, it’s probably a good idea to change the password on the Xfinity website and any other account where that password may have been reused.

Stop reusing the same password

Since most of us live in the real world where no one actually does that, signing up for a password manager like Bitwarden or NordPass is a good idea.


Password managers offer a safe (for the most part) way to manage different passwords from a single secure service.

Some — like NordPass and 1Password — will even warn you if you’re using an insecure password or reusing a password across different services.

Turn on “Two-factor authentication” wherever it is offered.

Two-factor authentication (2FA) is an extra layer of security that, coupled with a hard-to-guess password, makes it extremely difficult for hackers to gain access to your online accounts.

In most cases, two-factor authentication involves sending a six-digit code to your phone, usually by text message (though, in some cases, you can also opt for a phone call).

Keep an eye on your credit report and score.

While Comcast says it isn’t aware of anyone actively using the personal information of Xfinity subscribers, some data like names, addresses, birthdates, and Social Security numbers can be used by hackers to open loans, credit lines, and bank accounts.

Most banks, credit unions, and credit card companies offer a limited amount of credit monitoring and alerts to customers for free; if they don’t, Experian offers free basic credit monitoring.

Wrapping this all up

Comcast’s recent acknowledgment of a data breach serves as a critical reminder of the digital vulnerabilities that exist even within large corporations.

With all that said, act now: change your Xfinity password, stop reusing passwords, and turn on two-factor authentication. Stay vigilant to protect your personal info from cyber threats.
