Xfinity admits data breach may have affected 36 million customers

Citrix Bleed vulnerability claims another victim, Comcast reveals

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Xfinity is the latest in a long line of companies to fall victim to Citrix Bleed, parent company Comcast has confirmed, revealing that almost 36 million customers may have had their data stolen.

The company published a press release confirming that it had been breached and that sensitive customer data had been stolen.

“During a routine cybersecurity exercise on October 25, Xfinity discovered suspicious activity and subsequently determined that between October 16 and October 19, 2023, there was unauthorized access to its internal systems that was concluded to be a result of this vulnerability,” the press release read.

Abusing a patched flaw

Further investigation confirmed that the attackers managed to steal people’s sensitive data: “After additional review of the affected systems and data, Xfinity concluded on December 6, 2023, that the customer information in scope included usernames and hashed passwords; for some customers, other information may also have been included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers.”

The company’s customers are now required to reset their passwords, Xfinity confirmed. It also said it “strongly recommends” users enable multi-factor authentication (MFA) to secure their accounts. “While Xfinity advises customers not to re-use passwords across multiple accounts, the company is recommending that customers change passwords for other accounts for which they use the same username and password or security question,” the announcement concluded.

In late October this year, cloud giant Citrix confirmed earlier reports that a critical vulnerability in some of its products was being exploited in the wild.

It released a patch for the flaw, urging users to apply it immediately to ensure their safety from hackers. The vulnerability in question is tracked as CVE-2023-4966. It carries a severity score of 9.4 and affects NetScaler ADC, and NetScaler Gateway.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

A proof-of-concept dubbed Citrix Bleed soon appeared on GitHub.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

The 6 best electric motorcycle concepts and launches from EICMA 2024