Citrix made intrude in early October, however many company did not patch in time. Hackers have consume the CitrixBleed vulnerability to hack into mega name, such as international law firm Allen & Overy, the Commercial Bank of China, Aresospace king Boeing.
The US Telecom big fish told that hackers exploiting the CitrixBleed vulnerability had reach to its internal system between October 16 and October 19 however company did not detect the malicious activity until October 25.
The company tells that undefined number of consumers, hackers may have also reached names, dates of birth, contact information, the last four digits of Social Security number and secret answers and questions.
By November 16, Xfinity decide that “information was likely acquired” by the hackers. and in December the organization told that this consist of consumer data, hashed passwords, which are protect in a way that makes them unreadable to human being. It is not clear how the passwords were scrambled or using algorithm can be cracked.
Comcast says that “our data analysis is continuing and we will give additional info as appropriate” .
Xfinity express it is requiring that consumer reset their passwords and use multi factor authentication which the company usually does require for all consumer accounts after xfinity hack.
We are not aware of any customer data being leaked anywhere nor of any attacks on our consumers said shadle.
It is not confirm xfinity receive a ransom demand or the incident has been filed with the US Securities and Exchange Commission. as need by the regulator new data breach reporting rules.
comcast breach are 35.8 million consumers are affected. Comcast latest report shows the company has more than 32 million broadband customer suggesting this breach has impacted most.
xfinity data breach 2023, Comcast cable television and internet division became the current citrix bleed victim the company told in a notice to customers.