Comcast Cable Communications, LLC, doing business as Xfinity, is notifying customers of a “data security incident” it says resulted in the theft of customer information. including usernames, passwords, contact information, and more.

On December 18th, 2023, Xfinity confirmed unauthorized system access between October 16th and 19th, 2023.

“After additional review of the affected systems and data, Xfinity concluded on December 6, 2023, that the customer information in scope included usernames and hashed passwords,” the company said.

Buy Me a Coffee

“[F]or some customers, other information may also have been included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers. However, the data analysis is continuing.”

To protect potentially affected accounts, Xfinity is now requiring password resets and strongly recommends enabling two-factor authentication, which over 70% of Xfinity customers already use. Additionally, Xfinity advises not reusing passwords across accounts and recommends changing passwords for any other accounts that share the same username and password or security question as your Xfinity account.

You can find the full notice, including contact information for the company’s incident response team, on Xfinity’s website.

READ
RomCom Cybercrime Group Exploits Zero-Day Chain to Target Firefox and Tor Users