Not Good: A massive data hack at Xfinity affected nearly ALL Comcast customers

According to new reports, every single Xfinity customer had their data stolen in a massive Comcast hack that happened nearly two months ago mid-October.

A security breach at Comcast-owned Xfinity exposed the personal data of nearly ALL Comcast customers, including account usernames, passwords and answers to their security questions. 

Comcast – Xfinity data hack coughed up Names, Contact Information, Passwords, Last 4 Digits of SSNs, and Birthdays of 36+ Million Customers

A security breach at Comcast-owned Xfinity has exposed the personal data of nearly all the internet provider’s customers, including account usernames, passwords and answers to their security questions. 

Comcast said in a filing with Maine’s attorney general’s office that the hack affected 35.8 million people, with the media and technology giant notifying customers of the attack through its website and by email, the company said Monday. The intrusion stems from a vulnerability in software from cloud computing company Citrix, according to Comcast.

Although Citrix patched the vulnerability in October, Xfinity learned that unauthorized users gained access to its internal systems between Oct. 16 and Oct. 19, revealing customer data. For some people, that included their names, contact information, account usernames and passwords, birthdates, parts of their Social Security numbers and answers to their security questions. [CBS News]

In addition to Xfinity, Citrix provides software to thousands of companies around the world. The previously-announced vulnerability, dubbed “Citrix Bleed,” has also been linked to hacks targeting the Industrial and Commercial Bank of China’s New York arm and a Boeing subsidiary, among others.

Under new federal rules that took effect Monday, the Securities Exchange Commission requires public companies to disclose all cybersecurity breaches that could affect their financial results within four days of determining a breach is material.

Honestly, I’m not too worried about Comcast being the latest major corporation that completely fucked up everything. It should come as no surprise to anyone that all of these companies (Facebook, Instagram, Google, Comcast, etc.) have either suffered massive data hacks or in some cases (Shoutout Zuckerberg) just straight up sold all your information to the highest bidder. 

Also – thanks Comcast. Apparently this happened between October 16th and 19th, a full two months ago and we’re now just finding out about this? Great. Way to take preventative measures to protect your customers. I guess it’s good to know you care as much about us as you do the hockey team that you supposedly own. We’re all on an equal playing field of constantly getting fucked over by you. Nice. 

Maybe this explains the insane amount of Spam calls that I’ve been getting over the last 2-3 months?

No clue. It’s not like I have anything else to worry about. If these hackers want to take my money, by all means, snag the few hundred in my bank account and go crazy at the Local Dollar Tree. It is the season of giving after all, right? 

Credit to Comcast. Typically when you hear about a data hack or leak, corporations rarely just straight up admit that they had literally all of their customer’s information stolen. Most of the time, they just lie and say it was only a small percentage or honestly, just make shit up to defend themselves for selling out to whatever data farming company that just paid for all your information. 

Comcast? Nope.

They basically told everyone that they have 38.5 MILLION customers and that the data hack comprised 38.5 MILLION customers. That’s the transparency I love to see from Philadelphia’s own sleazeball corporation.

I will say, I think Comcast should stop just raising my internet and cable bill randomly throughout the year now. If you’re going to get hacked, then what the hell am I paying increased prices for? Sounds like you owe all your customers an “apology discount” since some company is probably in the process of tracking my every move and feeding all my behaviors into an artificial intelligence machine or selling it off to China so they can have a clone of me running around Hong Kong. 

There’s absolutely no shot I’m setting up Two Fact Authorization or taking any additional action on my end. I would rather have my entire digital footprint stolen, reused, and repurposed than trying to use 2FA to access the littlest of things. That’s all complete bullshit and just an easy way for corporations like Comcast to blame their customers rather than their own shitty infrastructure that allowed the hack in the first place. 

Anyways, that sucks. Maybe it would have been a bigger story if this shit didn’t happen on a daily basis?

I guess we’ll never know.

Join The Chase