I received a message earlier this morning letting me know that my account had just been logged into. As I was still in bed, I knew this was not correct. I immediately got up and was still able to log in to my account on my computer. I did a password change, and it was successful. I poked around for a bit, checking that nothing was changed, then decided to see if any E-Mails had been sent from my account. Upon clicking that tab, I was asked for my password, which was no longer valid. I had a prior tab open with my account overview still on the screen, and was able to get back to the change password screen, but was unsuccessful in another change.
I called Comcast customer support at this point, and they had me do the reset password option, which was successful. Once back in, I turned on two-factor authentication, which I was unaware comcast offered. My secondary recovery E-Mail account is a Gmail account, which has not been breached, as that has a different password, along with the authenticator attached, and I have not received any attempted password recoveries to that account, nor does the login history show anything strange.
My question is, is there anything else I need to do to ensure the security of the account I may be missing? And is is possible to have comcast flag an account for increased scrutiny if the other party attempts to regain access by calling in? I hadn't logged in to comcast directly for a few months, and don't use their E-Mail, so I'm unsure where the breach may have come from, as virus scans have come up clean on my PC. The only other place I've logged in to comcast is through the app on my phone, but I haven't used that for a few months either.
Also, is it possible for Comcast to see where the login occured from? I asked the rep when I was on the phone, but she said she couldn't see that info.