Comcast's Xfinity Suffers Data Breach Affecting 36 Million Customers

Hackers exploited a vulnerability in third-party vendor Citrix's software, compromising sensitive customer data.

Comcast's Xfinity division has suffered a data breach, with hackers exploiting a vulnerability in third-party vendor Citrix's software, affecting nearly 36 million customers.
The breach occurred between October 16 and 19, 2023, but was not detected until October 25.
Compromised data includes usernames, hashed passwords, contact information, dates of birth, last four digits of social security numbers, and security questions and answers.
Despite Citrix releasing patches for the flaw in early October, Comcast did not implement these in time, leading to the breach.
Comcast has not yet seen any instance of the data being used against its customers, but the compromised data poses significant risks, including identity theft and fraud.