x
Breaking News
More () »

Comcast's Xfinity breach may have affected as many as 35.8 million customers

Xfinity warned customers that some of their personal information was "likely acquired" during a recent data breach.

WASHINGTON — Comcast's Xfinity announced on Monday there was unauthorized access to some of its internal systems in October, which likely exposed the personal information of its customers. 

Xfinity, which provides television, phone and internet services, notified customers that the breach occurred between Oct. 16 and Oct. 19 and some customer info was "was likely acquired" including usernames and hashed passwords. Other info may have been exposed such as the last four digits of social security numbers, contact details and secret questions and answers, the company said. 

While the notice didn't say how many Xfinity customers have been impacted, Comcast revealed in a filing with the Maine Attorney General's Office that 35,879,455 people were affected by the data breach. As TechCrunch noted, Comcast reported in September that the company had more than 32 million broadband customers, meaning that most Xfinity customers have been affected. 

A spokesperson told TechCrunch in a statement that they are not aware of any customer data from the breach being leaked anywhere online. 

As a result of the breach, Xfinity is having all its customers reset their account passwords. The company also is strongly encouraging customers to enroll in two-factor or multi-factor authentication. 

According to the company, the data breach was due to a Citrix software vulnerability, which has now been fixed. 

"We know that you trust Xfinity to protect your information, and we can’t emphasize enough how seriously we are taking this matter," the company stated in its notice to customers. "We remain committed to continue investing in technology, protocols and experts dedicated to helping to protect your data and keeping you, our customer, safe."

Xfinity added that it notified federal law enforcement of the data breach and its own analysis is ongoing. 

Before You Leave, Check This Out