Your Information Was Leaked in Mid-October, but Comcast Informed It Today

Your Information Was Leaked in Mid-October, but Comcast Informed It Today

by

In today’s age, data breaches are becoming all too common, and no one is exempt.

Your personal information might be at risk of getting leaked, just like many others who have fallen victim to cyberattacks.

Cordcutternews reports that Comcast disclosed a significant data breach today, which took place between October 16 and October 19, 2023.

The breach exposed customers’ personal data, including hashed passwords, contact details, the last four digits of social security numbers, and birthdates.

The breach was linked to a vulnerability in software provided by Citrix, a partner of Comcast. Citrix had announced the vulnerability on October 10, 2023, and Comcast acted promptly to patch and mitigate the issue.

 

Comcast said in a statement to customers:

“On October 10, 2023, one of Xfinity’s software providers, Citrix, announced a vulnerability in one of its products used by Xfinity and thousands of other companies worldwide. We promptly patched and mitigated our systems.” 

Comcast notified federal law enforcement, conducted an investigation, and confirmed on November 16, 2023, that information was likely accessed during the breach.

Although the exact number of affected customers is unknown, Comcast urged customers to reset their passwords and recommended enabling two-factor or multi-factor authentication.

But Why did Comcast take so long to tell customers?

Sometimes, companies take time to let customers know about a data breach for a few reasons.

While I can’t give you details about why Comcast made this choice in this case, here are some general reasons why companies might delay telling customers:

  1. Investigation Process: Companies need time to thoroughly check what happened during a data breach. They want to figure out how much data got exposed and how it might affect customers before telling them.
  2. Legal and Rules Stuff: There are rules about telling people when there’s been a data breach. Companies might have to work with law enforcement and follow certain rules to make sure they’re doing things right. This can take some time.
  3. Fixing Security Issues: Before telling customers, companies often try to fix the problems that let the breach happen. They might add extra security or updates to stop it from happening again.
  4. Checking the Risks: Companies might look at how likely it is that bad things could happen because of the breach. This helps them decide how fast they need to tell customers and what they should do about it.

Leave a Comment