Xfinity Details

Xfinity

Philadelphia, Pennsylvania • employees • Telecommunications

Industry

Telecommunications

Security Incidents

Comcast Cable Communications, LLC, doing business as Xfinity, is an American telecommunications business segment and division of Comcast Corporation.

Security Incidents

Xfinity Breach of Jun 2023

Severity Score

Moderate to Significant

Type

Credential Stuffing

Summary

In June 2023, a significant security incident occurred at Xfinity, affecting nearly 36 million customers. Hackers gained unauthorized access to Xfinity's internal systems due to a vulnerability in software from cloud computing company Citrix. The breach resulted in the exposure of usernames, hashed passwords, and additional personal information such as names, contact details, last four digits of Social Security numbers, dates of birth, and secret questions and answers. Xfinity promptly notified customers of the data breach through various channels, including the company's website, email, and n...
Show more

Severity

The Xfinity data breach in June 2023 was severe as hackers gained access to the personal information of nearly all of the company's customers, including usernames, hashed passwords, names, contact information, last four digits of Social Security numbers, dates of birth, and secret questions and answers. The breach was a result of a vulnerability in software from cloud computing company Citrix, exposing sensitive data of almost 36 million Xfinity customers.

Impact

The breach impacted Xfinity customers by potentially compromising their personal information, leading to risks of identity theft, unauthorized access to accounts, and other fraudulent activities. Xfinity advised customers to change passwords for other accounts using the same credentials and notified them through various channels about the breach.