
36 Million Accounts Compromised in Comcast Data Breach

January 3, 2024


Between October 16 and October 19, 2023, hackers exploited a vulnerability in Citrix cloud-computing software, which lets employees remotely access corporate networks and is widely used by large corporations, as reported in an article in the Wall Street Journal.

The breach compromised nearly 36 million Xfinity accounts, including usernames, hashed passwords, names, contact information, birth dates, the last four digits of social security numbers, and secret questions and answers. Citrix disclosed the software vulnerability on October 10, 2023, two weeks before Comcast discovered suspicious activity on its systems on October 25, 2023.  

The significance of the Citrix bug has been emphasized by cybersecurity experts, with David Kennedy, founder of TrustedSec, labeling it one of the most significant cybersecurity issues of the year. He anticipates that more companies using Citrix for cloud services will discover breaches in the coming weeks and months.

Citrix released patches in October and has urged customers to apply them promptly to secure their systems. Comcast has since patched the affected software, but the incident raises concerns about broader implications for cybersecurity.

As of September 30, 2023, Comcast’s Xfinity business (encompassing broadband internet, pay TV, and wireless phone services) had around 32 million individual customers. The number of compromised accounts exceeds the customer base because the breach may have affected inactive accounts or customers with multiple accounts.

Comcast stated that it is not aware of any leaked customer data or attacks on its customers. However, it is mandating password resets and recommends multifactor authentication for enhanced security. The incident highlights the ongoing challenges companies face in safeguarding sensitive information against evolving cyber threats.
