Written By Michael Pawloski And Presented By Ziften CEO Chuck Leaver
The Customers Of Comcast Are Victims Of Data Exfiltration and Shared Hacks Via Other Businesses
The personal details of around 200,000 Comcast customers was compromised on November 5th 2015. Comcast was required to make this statement when it emerged that a list of 590,000 Comcast consumer emails and passwords could be purchased on the dark web for a mere $1,000. Comcast argues that there was no security attack to their network however rather it was via past, shared hacks from other businesses. Comcast further claims that only 200,000 of these 590,000 consumers actually still exist in their system.
Less than 2 months previously, Comcast had actually currently been slapped with a $22 million fine over its unexpected publishing of almost 75,000 clients’ individual information. Somewhat paradoxically, these consumers had specifically paid Comcast for “unlisted voice-over-IP,” a line product on the Comcast bill that specified that each customer’s details would be kept confidential.
Comcast instituted a mass-reset of 200,000 consumer passwords, who may have accessed these accounts before the list was offered. While an easy password reset by Comcast will to some extent safeguard these accounts going forward, this doesn’t do anything to safeguard those customers who might have reused the very same e-mail and password mix on banking and payment card logins. If the client accounts were accessed prior to being revealed it is definitely possible that other personal details – such as automated payment info and home address – were currently obtained.
The conclusion to this: Presuming Comcast wasn’t hacked directly, they were the victim of many other hacks that contained data connected to their customers. Detection and Response solutions like Ziften can prevent mass data exfiltration and typically mitigate damage done when these inescapable attacks occur.