Nostr Web Client

Xfinity Discloses Data Breach Impacting Nearly 36 Million

- Xfinity, a brand of Comcast Cable, has revealed a data breach impacting 35.9 million customers.

- The breach resulted from the exploitation of a Citrix vulnerability.

- Xfinity promptly patched and mitigated the vulnerability but discovered unauthorized access to its internal systems.

- The vulnerability allows threat actors to bypass multi-factor authentication (MFA) and hijack user sessions.

- Customer data, including usernames, hashed passwords, and personal information, was accessed.

- Xfinity has issued a password reset and recommends enabling multi-factor authentication.

- Customers are advised to change passwords for other accounts that use the same credentials.

- The Office of the Maine Attorney General confirmed the number of customers impacted.

#Xfinity #DataBreach #Cybersecurity #Citrix #MultiFactorAuthentication #PasswordReset #CustomerDataSecurity