An Xfinity data breach has recently come to the public’s attention. In response, Xfinity is requiring people to change their passwords.
Users do not need to panic. There are a few important things to be aware of, as well as actions that might be required.
What exactly happened?
Between October 16-19, 2023, Xfinity stated there was “A vulnerability in their system that allowed for unauthorized access to their internal systems.”
This was initially announced by their software provider, Citrix. After investigation they determined that some personal information such as user names and hashed passwords were acquired. The extent of the breach has not been fully disclosed and analysis is still ongoing. They have stated may have affected up to 36 million users.
Comcast also said they are not aware of any users’ data being leaked anywhere. They are also not aware of any attacks on their customers.
Actions Required
Because of the breach, Xfinity is requiring many users to reset their passwords. This may happen the next time they log in.
For some users this MUST be done at home on their own wi-fi network. For others there may be a prompt to use a recovery email or phone to receive a reset code. It is important to make sure that the new password is different than the one that may have been leaked.
To see what options you have, go to xfinity.com in a browser and try to log in.
Unfortunately, if the password can only be reset on the user’s home network, SDM is unable to help in shop. Please try to sign in to your account at home before making an appointment here. It is disappointing to have people come all the way into the shop only to have to return home to get access to their account. If you have trouble with this at home, please call and we will try to help you remotely.
Users should keep an eye on any personal information in the account. Make sure all recovery information is correct. Many users have old cell phone numbers or email addresses and their reset options are limited. Users should turn on 2 factor authentication as well.
Users should also make sure to keep an eye on their financial accounts in case any banking information was leaked. If the password leaked was reused for other accounts, it would be smart to change those too.
Hopefully this breach will not cause too much damage. Getting ahead of it and completing these actions soon will reduce the risk of it negatively affecting you.
For a more detailed account of what happened check out this Seattlepi article of the event.
If you have specific questions about the Xfinity Data Breach, or if our terminology isn’t clear, please send us a message. Thank you!