In a startling revelation, Comcast acknowledges a major cybersecurity breach affecting nearly 36 million Xfinity customers, with hackers exploiting the critical-rated "CitrixBleed" vulnerability
Understanding the CitrixBleed Vulnerability
According to a report by The Verge, CitrixBleed vulnerability, a security flaw was plaguing Citrix networking devices widely utilized by major corporations.
The cybersecurity experts gave the timeline of mass exploitation by hackers. According to them, it commenced in late August, despite Citrix releasing patches in early October.
Shockingly, prominent entities such as Boeing, the Industrial and Commercial Bank of China, and Allen & Overy fell victim to this vulnerability.
Xfinity is CitrixBleed's Latest Casualty
Comcast's cable television and internet division, Xfinity, falls prey to the CitrixBleed vulnerability, as confirmed by the company in a customer notice. Hackers infiltrated Xfinity's internal systems between Oct. 16 and Oct. 19, with the company detecting the breach on Oct. 25.
Related Article : Ransomware Gang Exposes Insomniac Games-Wolverine Video Game, Employee Details Leaked
Hackers Likely Stole Confidential Data From Victims
Xfinity acknowledges that hackers likely obtained sensitive information, including usernames and hashed passwords on Nov. 16. The extent of the breach expands to encompass customer data such as names, contact details, dates of birth, the last four digits of Social Security numbers, and security questions and answers.
Comcast remains vigilant, indicating ongoing data analysis and a commitment to providing further notifications as needed.
Magnitude of the Breach
Despite the undisclosed number of affected Xfinity customers, a filing with Maine's attorney general reveals that approximately 35.8 million individuals are impacted.
Considering Comcast's extensive customer base, with over 32 million broadband subscribers, it appears that the breach has ramifications for a significant portion, if not all, of Xfinity's customers.
How to Protect Yourself From CitrixBleed Vulnerability
Xfinity takes proactive measures in response to the breach, mandating customers to reset their passwords. Additionally, the company advocates for the adoption of two-factor or multi-factor authentication, emphasizing an extra layer of security for all customer accounts.
Several questions loom over the incident, such as the existence of a ransom demand, the impact on the company's operations, and compliance with the U.S. Securities and Exchange Commission's data breach reporting rules.
Comcast remains tight-lipped on these matters, leaving room for continued speculation and concern within the cybersecurity landscape.
"We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers," Shadle told TechCrunch via email.
Speaking of Xfinity, Comcast reportedly cut the free Peacock Premium service to Xfinity users. According to Tech Times, the monthly fee for this service typically falls at almost $5. Since 2020, there have been no extra fees charged to customers.
After this move, Xfinity proposed the rollout of a discounted version of Peacock Premium. This served as an alternative to the phased-out service.