Xfinity discloses a data breach — but doesn’t say how many users are affected

Share via:

Image: Xfinity

Xfinity is notifying customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, and more. In a notice on Monday, Xfinity says “there was unauthorized access” to its systems from October 16th to October 19th, 2023.

Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability.”

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity’s notice. Meanwhile, “some customers” may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says “data analysis is continuing.”

We still don’t know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it’s also encouraging users to turn on two-factor authentication.

“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” Xfinity spokesperson Joel Shadle says in an emailed statement to The Verge. “We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24×7.”

You can find the full notice, including contact information for the company’s incident response team, on Xfinity’s website.

Update December 18th, 6:37PM ET: Added a statement from Xfinity.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Xfinity discloses a data breach — but doesn’t say how many users are affected

Image: Xfinity

Xfinity is notifying customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, and more. In a notice on Monday, Xfinity says “there was unauthorized access” to its systems from October 16th to October 19th, 2023.

Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability.”

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity’s notice. Meanwhile, “some customers” may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says “data analysis is continuing.”

We still don’t know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it’s also encouraging users to turn on two-factor authentication.

“We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” Xfinity spokesperson Joel Shadle says in an emailed statement to The Verge. “We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24×7.”

You can find the full notice, including contact information for the company’s incident response team, on Xfinity’s website.

Update December 18th, 6:37PM ET: Added a statement from Xfinity.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Curefoods’ FY24 Loss Halves To INR 173 Cr

SUMMARY Curefoods’ loss fell 49.64% on the back of...

MobiKwik Shares Rally 15% After INR 118 Cr Block...

SUMMARY Shares of MobiKwik rallied nearly 15% to hit...

Swiggy In 2024: IPO Delivered, Profitability Next?

Just days before Swiggy’s $1.3 Bn IPO, cofounder...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!