Visitor
•
9 Messages
Data Leak
What is Xfinity doing about the latest data leak? So far, I know my email address and name has been compromised from xfinity but have not received an email from xfinity regarding the incident. I am getting dozens of spam emails. I have an email account set up specifically for xfinity so there is no confusion. We deserve to know what other information has been compromised and what you are doing about it.
Accepted Solution
user_9e6fd9
Visitor
•
5 Messages
3 years ago
I'm with you @iklopez501, they as a public company must disclosed and be transparent with these incidents, I have received 3 direct phising emails (not your standard spam campaign email) during the last 2 days (that did not go to my spam folder, there are more there) sent to an email address that was exclusively and only created and only given to Xfinity when my account was opened. Your report here confirms this is part of something larger.
2
CCChe
Official Employee
•
6.9K Messages
3 years ago
Hello @iklopez501! We appreciate you for posting to the Xfinity Community Forum to get assistance. We appreciate you for bringing this to our attention. Upon further research of the data leak you mentioned, I was not able to confirm that is true from our end. Based on what you've reported, I would highly recommend contacting the Comcast Security Assurance Team to see if there is something else going on that they can find. You can reach them online here, 6:00am - 2:00am EST, 7 days a week, or by calling 1-888-565-4329. I hope this helps!
0
0
iklopez501
Visitor
•
9 Messages
3 years ago
I called the Comcast Security Assurance Team and they assured me my account was safe because I have MFA when I log in. While that's great, I don't think my information was compromised there. They also had me send them copies of the emails. I appreciate their help but unless someone is really looking into this, I believe this will just snowball from here.
I suspected as the last user commented, this is something larger. It might not even be on Comcast's radar yet. All I know is that it is not a coincidence and I bet if more people checked, they would see that they are receiving targeted spam through the email account used for their Comcast account.
2
0
rightfooted
Expert
•
1.4K Messages
3 years ago
There was no data breach. According to Comcast, “The database in question contained only simulated data, with no real employee, customer or company data, outside of four publicly available Comcast email addresses. The database was used for software development purposes and was inadvertently exposed to the Internet. It was quickly closed when the researcher alerted us of the issue. We value the work of independent security researchers in helping us to make our products and services safer and thank the researcher for his responsible disclosure in this matter.”
See the article at https://www.securitymagazine.com/articles/94550-researchers-discover-exposed-comcast-database-containing-15-billion-records .
4
0