36 million people affected by data breach at Xfinity

Cable TV and internet service provider Xfinity says a breach linked to a widespread vulnerability in Citrix technology exposed data of about nearly 36 million people in mid-October.
The intrusion happened between October 16-19, after Citrix had announced the bug but before Xfinity patched its systems, the Philadelphia-based company said in a notification filed Monday with Maine regulators.
Since Citrix announced the bug on October 10, it has prompted warnings from cybersecurity experts and the federal government about exploitation by malicious hackers.
Cybercrime groups are suspected to have used it in attacks against the healthcare, aviation, banking and manufacturing sectors, among others.
Xfinity - a division of Comcast Corp., which also runs entertainment company NBCUniversal - said it patched its systems on October 23 after Citrix issued additional guidance.
The regulatory filing does not specify exactly when Xfinity discovered the breach.
The company is asking customers to reset their passwords and is urging them to add two-factor authentication to their accounts.
Joe Warminsky is the news editor for Recorded Future News.
He has more than 25 years experience as an editor and writer in the Washington, D.C., area.
Most recently he helped lead CyberScoop for more than five years.
Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.


This Cyber News was published on therecord.media. Publication date: Tue, 19 Dec 2023 14:30:23 +0000


Cyber News related to 36 million people affected by data breach at Xfinity

Comcast Xfinity Reports Data Breach Exposing Info About 35M Customers - PRESS RELEASE. MARLTON, N.J., Dec. 19, 2023 /PRNewswire/ - Approximately 35 million consumers are being notified that their confidential information was compromised due to a vulnerability in software created by Citrix and used by Xfinity. The data ...
1 year ago Darkreading.com
Xfinity Rocked with Data Breach Impacting 36 Million Users - LLC, operating under the brand name Xfinity, has suffered a massive data breach affecting 36 million users. Comcast-owned brand Xfinity has initiated the process of notifying its customers about a significant data breach impacting tens of millions of ...
1 year ago Hackread.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Comcast's Xfinity Breached: Data of 36 Million Users Exposed - Citrix bugs caused a lot of problems throughout the year, and as we're closing down 2023, it seems it's not over. This time, Xfinity, Comcast's cable television and internet division has been the victim of a data breach caused by the Citrix bug. ...
11 months ago Heimdalsecurity.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
Xfinity discloses data breach after recent Citrix server hack - Doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in October also stole customer-sensitive information from its systems. On October 25, roughly two weeks after Citrix released security updates to ...
1 year ago Bleepingcomputer.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
10 months ago Securityzap.com
Comcast-Owned Telcom Business 'Xfinity' Suffers Data Breach - Comcast-owned Xfinity has suffered a major data breach, affecting more than 25 million of its customers. This intrusion not only demonstrates a risky and expanding practice among hackers, but it has also greatly increased the vulnerability of ...
11 months ago Cysecurity.news
Xfinity Data Breach Impacts 36 Million Individuals - The data breach disclosed recently by Comcast's Xfinity impacts nearly 36 million individuals, the company told US authorities. The incident was disclosed by the telecommunications and smart home solutions provider on December 18, when it admitted ...
1 year ago Securityweek.com
Collection agency FBCS ups data breach tally to 3.2 million people - Debt collection agency Financial Business and Consumer Solutions now says over 3.2 million people have been impacted by a data breach that occurred in February. FBCS is a nationally licensed debt collection agency in the U.S., specializing in ...
5 months ago Bleepingcomputer.com
Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected - The now-infamous CitrixBleed vulnerability has claimed possibly its biggest kill yet: 35 million customers of Comcast Xfinity. Since at least August, attackers have been exploiting CVE-2023-4966, a 7.5 high-severity vulnerability affecting Citrix ...
1 year ago Darkreading.com
36 million people affected by data breach at Xfinity - Cable TV and internet service provider Xfinity says a breach linked to a widespread vulnerability in Citrix technology exposed data of about nearly 36 million people in mid-October. The intrusion happened between October 16-19, after Citrix had ...
1 year ago Therecord.media
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
10 months ago Bleepingcomputer.com
Thousands of Young People Told Us Why the Kids Online Safety Act Will Be Harmful to Minors - How young people feel about the Kids Online Safety Act matters. These comments show that thoughtful young people are deeply concerned about the proposed law's fallout, and that many who would be affected think it will harm them, not help them. In ...
9 months ago Eff.org
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
11 months ago Bleepingcomputer.com
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com
Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com
China's MIIT Proposes Color-coded Contingency Plan for Security Incidents - On Friday, China proposed a four-tier classification system, in an effort to address data security incidents, underscoring concerns of Beijing in regards to the widespread data leaks and hacking incidents in the country. This emergency plan comes ...
1 year ago Cysecurity.news
Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
1 year ago Bleepingcomputer.com
WebTPA data breach impacts 2.4 million insurance policyholders - The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. Some of the impacted people are customers at large insurance companies such ...
7 months ago Bleepingcomputer.com
Millions of Xfinity customers' hashed passwords, info stolen The Register - Millions of Comcast Xfinity subscribers' personal data - including potentially their usernames, hashed passwords, contact details, and secret security question-answers - was likely stolen by one or more miscreants exploiting Citrix Bleed in October. ...
1 year ago Go.theregister.com
PJ&A says cyberattack exposed data of nearly 9 million patients - PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. PJ&A provides medical transcription services to healthcare organizations in the United States. The company said the threat actors ...
1 year ago Bleepingcomputer.com
FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
10 months ago Bleepingcomputer.com
Sav-Rx discloses data breach impacting 2.8 million Americans - Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. A&A Services, doing business as Sav-RX, is a pharmacy ...
6 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)