Posted on August 8, 2018, at 7:48 p.m. ET
Comcast Xfinity inadvertently exposed the partial home addresses and Social Security numbers of more than 26.5 million customers, according to security researcher Ryan Stevenson, who discovered the security flaws. Two previously unreported vulnerabilities in the high-speed internet service provider’s online customer portal made it easy for even an unsophisticated hacker to access this sensitive information.
After BuzzFeed News reported the findings to Comcast, the company patched the flaws. Spokesperson David McGuire told BuzzFeed News, “We quickly investigated these issues and within hours we blocked both vulnerabilities, eliminating the ability to conduct the actions described by these researchers. We take our customers’ security very seriously, and we have no reason to believe these vulnerabilities were ever used against Comcast customers outside of the research described in this report.”
While Comcast has not found any foul play yet, its review is ongoing. Read more…