Comcast Xfinity Breach Impacts Nearly 36 Million Customers

Learn more about the Comcast Xfinity breach that exposed login credentials of 35.8 million customers. 

When I went to log into my Xfinity account this morning, I was greeted with a prompt to change my password – which is usually a telltale sign a company was breached in some fashion. 

A quick search confirmed that Comcast-owned Xfinity was one of many organizations hit through a vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances. The vulnerability, known as Citrix Bleed (CVE-2023-4966), affected thousands of other organizations in addition to Xfinity, including Boeing and the Industrial and Commercial Bank of China.

Xfinity states that it patched its systems promptly after learning it was affected, but several reports accuse the company of waiting nearly a week to apply the fix, giving the attackers additional time to steal customer data. 

Regardless of how quickly Xfinity patched, the personal information of nearly 36 million customers was exposed. According to Xfinity's official statement, the information taken so far includes:

  • Usernames and hashed passwords
  • Account names and contact information
  • Dates of birth and the last four digits of Social Security numbers (for some customers)
  • Secret questions and answers

While no other personal information has been confirmed as part of the incident, Xfinity states that its analysis is still ongoing, so the full extent of the damage may not yet be known.

What Should You Do if You Are Impacted by the Xfinity Data Breach?

If you are part of the Xfinity data breach, there are several quick steps you should take:

  • Change Passwords – Change the password on every other account that shares your Xfinity password. A reused password means a shared vulnerability: if you use the same password everywhere, one breach hands a threat actor a master key to all of those accounts. This is why we always advocate a unique password for every account, ideally generated and stored by a password manager. Although Xfinity reports the stolen passwords were hashed, a reused password that is weak or already appears in earlier breach lists can still be recovered offline, so treat it as compromised. 
  • Update Secret Questions and Answers – Just like reused passwords, secret questions and answers used on more than one account are no longer secret after a breach, so change them wherever they are reused. Where a site allows it, use a random answer stored in your password manager rather than a true, discoverable fact. 
  • Enroll in Multi-factor Authentication – Multi-factor authentication (MFA) is one of the easiest ways to stay secure online and should be enabled wherever it is offered. Xfinity has offered MFA for some time, so if you have not enrolled, now is the time. 
  • Monitor Your Credit Report – Credit reports provide a quick way to review your accounts for signs of fraud. While Xfinity has not announced free credit monitoring, you are entitled to a free copy of your credit report from each of the three major credit reporting bureaus every year. Because dates of birth and partial Social Security numbers were exposed, consider placing a fraud alert or a credit freeze with the bureaus as well. In the same vein, watch your credit card and bank statements for anything unfamiliar.  
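As an added illustration of the first two points above (example code written for this post, not Xfinity's or Citrix's, and not part of the original article), the script below audits a hypothetical password-manager export for two problems: a password reused across several sites, and a password that already appears in a breached-password list. The vault entries and the breached-hash list are constructed sample data. The lookup mirrors the prefix-only (k-anonymity) pattern used by the public Pwned Passwords range API, where only the first five characters of the SHA-1 hash leave your machine, but it runs against a local list so it works offline.

```python
import hashlib
from collections import defaultdict

# Constructed sample vault (site, username, password). Hypothetical accounts,
# not real data; the same password is deliberately reused on three sites.
VAULT = [
    ("xfinity.com", "alice", "Winter2023!"),
    ("bank.example", "alice", "Winter2023!"),
    ("email.example", "alice.w", "correct horse battery staple"),
    ("shop.example", "alice", "Winter2023!"),
    ("forum.example", "alice_w", "hunter2"),
]


def sha1_hex(password):
    """Upper-case hex SHA-1, the digest format breached-password lists use."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Constructed stand-in for a breached-password list. A real check would query
# https://api.pwnedpasswords.com/range/<prefix>; here the list is local so the
# example runs offline.
BREACHED_SHA1 = {sha1_hex("Winter2023!"), sha1_hex("hunter2"), sha1_hex("password")}


def find_reused_passwords(vault):
    """Return {password: [sites]} for every password used on more than one site."""
    by_password = defaultdict(list)
    for site, _user, pw in vault:
        by_password[pw].append(site)
    return {pw: sites for pw, sites in by_password.items() if len(sites) > 1}


def breach_lookup(password, breached_hashes):
    """k-anonymity style check: only the 5-char hash prefix would be sent to a
    remote service; the full-suffix comparison happens locally."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    # Simulate the "range" response: every breached suffix sharing the prefix.
    candidate_suffixes = {h[5:] for h in breached_hashes if h.startswith(prefix)}
    return suffix in candidate_suffixes


def audit(vault, breached_hashes):
    """Return (site, user, reason) for each entry whose password is reused
    elsewhere in the vault or appears in the breached-password list."""
    reused = find_reused_passwords(vault)
    findings = []
    for site, user, pw in vault:
        reasons = []
        if pw in reused:
            others = [s for s in reused[pw] if s != site]
            reasons.append("reused on " + ", ".join(others))
        if breach_lookup(pw, breached_hashes):
            reasons.append("appears in breached-password list")
        if reasons:
            findings.append((site, user, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for site, user, reason in audit(VAULT, BREACHED_SHA1):
        print(f"{site:14} {user:10} {reason}")
```

Running the script flags four of the five sample accounts: the three sharing "Winter2023!" (reused and breached) and the forum account whose password is in the breached list, while the unique passphrase on the email account passes. The same prefix-only lookup is what a password manager does when it warns you that a saved password has appeared in a breach.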

Keep in mind that these are preventative measures you should take whenever you create an online account, so that you have some peace of mind when breaches like this occur.  

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

To learn more, visit our dedicated Cybersecurity page.

Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2024 Schneider Downs. All rights reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.
