Telecommunications company Comcast has confirmed a breach that exposed personal information of more than 35.8 million of Xfinity customers.
CVE-2023-4966 - an information disclosure vulnerability in Citrix NetScaler ADC/Gateway devices - was disclosed on October 10, when Citrix issued a patch to fix the vulnerability.
Xfinity revealed that the stolen information included usernames and hashed passwords, and that the breach also exposed names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers for some of its customers.
To protect their accounts, customers are advised to change their passwords and to enable two-factor or multi-factor authentication.
The company also urged customers to be vigilant for fraud and identity theft incidents by checking accounts statements, credit card reports, and generally be on the lookout for suspicious activity on their accounts.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Wed, 20 Dec 2023 11:13:04 +0000