Written By Michael Pawloski And Presented By Ziften CEO Charles Leaver
The Consumers Of Comcast Are Victims Of Data Exfiltration and Shared Hacks Via Other Companies
The private info of roughly 200,000 Comcast clients was compromised on November 5th 2015. Comcast was forced to make this announcement when it came to light that a list of 590,000 Comcast customer e-mails and passwords could be purchased on the dark web for a token $1,000. Comcast maintains that there was no security breach to their network but rather it was through past, shared hacks from other companies. Comcast even more declares that just 200,000 of these 590,000 consumers actually still exist in their system.
Less than two months earlier, Comcast had actually currently been slapped with a $22 million fine over its unintentional publishing of nearly 75,000 customers’ individual information. Somewhat ironically, these customers had actually specifically paid Comcast for “unlisted voice-over-IP,” a line item on the Comcast bill that stipulated that each client’s details would be kept private.
Comcast instituted a mass-reset of 200,000 customer passwords, who may have accessed these accounts before the list was offered. While a basic password reset by Comcast will to some extent protect these accounts moving forward, this doesn’t do anything to secure those consumers who may have reused the exact same email and password combination on banking and credit card logins. If the consumer accounts were accessed prior to being divulged it is definitely possible that other individual details – such as automated payment details and home address – were already obtained.
The bottom line is: Assuming Comcast wasn’t hacked directly, they were the victim of numerous other hacks that contained data related to their consumers. Detection and Response systems like Ziften can prevent mass data exfiltration and typically reduce damage done when these inevitable attacks happen.