rdrr
Elite Member
- Posts
- 1,243
- Reaction score
- 2,078
Yet another large Data Breach, this time impacting over 35 Million customers of Comcast/Xfinity. And it is infuriating to read the timeline only to be notified on Dec 18th 2023.
https://www.theverge.com/2023/12/18/24007082/xfinity-data-breach-hack-notice-citrix
Compromised information includes;
Names
Contact Information
Partial SSN
Dates of Birth
Secret Questions/Answers
Timeline: (A future business and security case of what not to do)
https://www.theverge.com/2023/12/18/24007082/xfinity-data-breach-hack-notice-citrix
Compromised information includes;
Names
Contact Information
Partial SSN
Dates of Birth
Secret Questions/Answers
Timeline: (A future business and security case of what not to do)
- Oct 10th 2023 - Citrix (a technology company that Comcast/Xfinity is a customer of) disclosed a vulnerability and released a patch.
- Oct 16th to 19th 2023 - Unauthorized activity at Comcast/Xfinity goes undetected.
- Oct 23rd 2023 - Citrix issues more guidance about the vulnerability. Comcast/Xfinity "promptly patched and mitigated our systems." Comcast/Xfinity "subsequently" discovered" an intrusion had already occurred.
- Nov 16th 2023 - Comcast/Xfinity determines data was likely acquired <--- Note that this took 24 days!!!
- Dec 6th 2023 - Comcast/Xfinity identifies which information was exposed.
- Dec 18th 2023 - Notification published on its website