Comcast Reveals Major Xfinity Data Breach, Says It’s Not Aware Of “Any Attacks On Our Customers”

Jill Goldsmith

December 19, 2023 at 10:25 AM·2 min read

Comcast has revealed that a major data breach at Xfinity may have compromised the accounts of close to 36 million accounts. A vulnerability by one of its software providers, Citrix, exposed usernames and hashed passwords and, for some customers, names, contact information, the last four digits of social security numbers, dates of birth and secret questions and answers.

Xfinity is Comcast’s brand name for its broadband, video and phone services. It has 32 million subscribers, some with multiple use IDs.

More from Deadline

In a statement today, Comcast said: “We are providing notice to customers about a data security incident which exploited a vulnerability previously announced by Citrix, a software provider used by Xfinity and thousands of other companies worldwide. We promptly patched and mitigated the vulnerability. We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers. In addition, we required our customers to reset their passwords and we strongly recommend that they enable two-factor or multi-factor authentication, as many Xfinity customers already do. We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24×7.”

In a previous note, the company said Citrix had announced the vulnerability Oct. 10 for one of its products used by Xfinity. Citrix issued a patch and other guidance but the media giant then discovered there had been unauthorized access of its internal systems from Oct. 17-19, before the fixes.

The company said it notified federal law enforcement and launched an investigation, concluding Dec, 6 that consumer data was breached. It’s continuing to analyze things, meanwhile asking subscribers to change their passwords.

“We know that you trust Xfinity to protect your information, and we can’t emphasize enough how seriously we are taking this matter. We remain committed to continue investing in technology, protocols and experts dedicated to helping to protect your data and keeping you, our customer, safe,” it said.

The vulnerability, called Citrix Bleed, has hit other major companies like Boeing and Toyota. Many states require companies to report data breaches, which is how the news first surfaced.

Best of Deadline

SportsYahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
SportsYahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
SportsYahoo Sports
How to watch the 2024 WNBA preseason tonight: Caitlin Clark’s first Indiana Fever game time, channel and more
The WNBA preseason tips off this Friday. Here's how you can catch Caitlin Clark's first game.
SportsYahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
SportsYahoo Sports
NFL Draft grades for all 32 teams | Zero Blitz
Jason Fitz and Frank Schwab join forces to recap the draft in the best way they know how: letter grades! Fitz and Frank discuss all 32 teams division by division as they give a snapshot of how fans should be feeling heading into the 2024 season. The duo have key debates on the Dallas Cowboys, New York Giants, New Orleans Saints, Los Angeles Rams, New England Patriots, Las Vegas Raiders and more.
SportsYahoo Sports
Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets
Despite a trip to the Western Conference finals in his first season with the team, the Lakers are now ready to look for a replacement for Darvin Ham.
U.S.Yahoo Sports
New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal
It turns out the money was going from Ohtani's bank account to an illegal bookie to ... casinos.
SportsYahoo Sports
The best RBs for 2024 fantasy football according to our analysts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
LifestyleTechCrunch
Acura’s new all-electric SUV proves the most expensive model isn’t always the best
The first electric vehicle I ever drove was a Tesla Roadster in 2011. It was with great anticipation that I slid behind the wheel of the 2025 Acura ZDX Type S. Sure, it's a midsize SUV, but it wears the Type S moniker, a name reserved only for the most fun-to-drive in the Acura stable. On launch, the ZDX will be available in A-Spec and Type S trims -- both of which come equipped with a 102 kWh battery.
StyleYahoo Life Shopping
Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you
It's inexpensive, but is it effective? Dermatologists' verdict is in — and it's unanimous.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Comcast Reveals Major Xfinity Data Breach, Says It’s Not Aware Of “Any Attacks On Our Customers”

Recommended Stories

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

How to watch the 2024 WNBA preseason tonight: Caitlin Clark’s first Indiana Fever game time, channel and more

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

NFL Draft grades for all 32 teams | Zero Blitz

Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets

New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal

The best RBs for 2024 fantasy football according to our analysts

Acura’s new all-electric SUV proves the most expensive model isn’t always the best

Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you