Just how many had their xfinity e-mail hacked yesterday?

Are you locked out of the primary account currently?  You can remove the account from the "your profile" page.  Also, after changing the password, log into email with a web browser, hit the gear icon on the top left and look at settings.  Make sure you aren't forwarding email (left side tab after you hit settings).

If it changes back again, you got other issues.  Get an ubuntu boot DVD, boot a clean OS, create a drop email account on gmail or protonmail, and unlink every account you have tied to your Xfinity account.   You might consider going scorched earth anyway, especially if you used the same password somewhere else or frequently.

Thanks for posting here. I had the same thing happen to my account today (12/20). My personal email was in the process of being switch over to a yopmail account and my password had been changed. I called comcast twice looking for how this happened since I have 2FA on both my comcast and secondary email. The answers I received each time were unsatisfactory. This now makes sense to me that xfinity was hacked. I really wish they would have admitted the issue instead of trying to say it was something on my end.  Side note - you can log into the yopmail account since yopmail does not use passwords. I logged in to the fake one on my account and the xfinity email was sitting right there. Thanks again for the information! 

Consider me wary of their explanation, since I've had my email password (and some other information) changed more than several times already this year. And, yes, I noticed the hijack this morning (12/20) that occurred late last night. This time they changed the email password and my second email. But they didn't verify the second email this time. However, it keeps asking me to verify it, and I can't delete it. So, off to "support" I go...

Yes, also twice.   Somehow i found the security team’s assurances somewhat NOT reassuring, especially since there was a whole bunch of others impacted.

Twice for me in the past 24 hours. Xfinity better fix this [Edited: Language]!

Confirmed.  It's a data leak.  I've got service in 3 states.  I don't use the xfinity account, but my primary account just got login fails using the primary account username I setup with Xfinity.  Nobody knows that one.  Yeah.  I run the mail server they are attempting to breach.  It's not just Xfinity, this is a big one that covers Spectrum too.

Not impressed.  They're leaking at least billing information and email addresses.  Your passwords?  Meh, if they are really muppets they lost those too, but I can't confirm that.  None of my accounts use the same password, and hopefully, they got at least someone working for them that set that up correctly.

Everyone on Xfinity, Charter, Spectrum, should immediately change their passwords and unlink any account you have with them.

I did as well. Comcast has obviously been breached.

Called support. They couldn't "see" the fake email that was posted but not verified. I was told that they are working on it, and it will be fixed on their end. Apparently, about 40,000+ customers are effected by this. Was also told not to verify the fake email address--no, really.

Same thing happened to me twice yesterday and now twice again today....Every time it is the same burner email address, my name @yopmail.com. You can actually go to yopmail, enter in the email and get into the inbox without a password. Saw the verification email sitting in the inbox...I have a randomly generated 16-digit password as well as the two-factor and author app. I'd like to know how they are adding these email addresses without logging into the account??? My login history only shows my logins, all with the same IP (mine). Seems to me there is an unsecured API

Yeah, this has happened to me once in early November and at least a couple times in the last 48 hours.  Bad actors are completely bypassing Comcast's 2FA "protections."  I've had several news agencies reach out to me to get more information.  Very hopeful that there is a big story on this soon since Comcast isn't telling us anything.  sigh... Have been with Comcast since they weren't even Comcast (back in the AT&T days).  Probably overstayed my welcome.  :-/ 

yep me too. new YOPMAIL added.  I had a 20 character password. maybe this was another $Lapsus hack.

Data leak has been going on since at least Oct 27 20:39:25 according to my analysis.  Origin of the first person attempting to use a login nobody else in the world has ever used before, including me, came from and IP address in India.  Xfinity was the ONLY source with this particular made up username.  The source IP used by person/device could have been hacked themselves, and are completely unaware they are doing it -- now they are just compromised botnet traffic. 

Origin:

route:          103(dot)85(dot)204(dot)0(slash)24
descr:          Intraworld Entertainments Private Limited

(whoever had the dot 98 address on that subnet at the time)

The attempt itself appears to be an automated preloaded dictionary type attack.  Script kids plug in username and passwords gleaned from breaches into one of several utilities, and attempt to gain access using a list they purchased.  Your data is for sale worldwide now, and is currently being distributed in the wild.

Whatever email account you used to order Xfinity service, or whatever email account currently listed as primary in your account details could be hit.  Check that email address/account out, and make sure you aren't using your Xfinity password as the password for that account (or any other), or use ANY xfinity account for a password recovery for another site.  That's really the information they are after.

Thanks Xfinity.

At what point will XFINITY do the right thing and make a statement about this incident?  The loss of trust is palpable.

So yesterday I noticed emails not getting into my Inbox. Had no notices of any new email set up but did notice this log in yesterday. I changed password today and so far it works.

But I set up another email and am setting that up for a primary contact method. I am not surprised by Comcast's lack of response on this issue. Been like this to long for lack of support from Comcast.

They closed our local office for good during Covid. Before that they had people drive down from the larger metro area for staff. So the lack of any responses is not unexpected.

• Browser Other
• Location US
• IP address 96.115.128.208

I could not change my login credentials today. Able to get into my email, but could not access account security. 
called Xfinity. Got “additional services” operator who transferred me to someone to walk through resetting my password. Confirmed my phone number by forwarding me a code by text.
Then usual protocol I thought. 
Options for security code to access reset page included alternate email, text or call. 
selected send by text

code did not work

Was directed to use my alternate email

did that. Code worked and I reset password. 
logged out and logged back in to email account. 
would not let me access security settings to reset password again. 
2factor texts received but codes don’t work.

Do the criminals have control over my text and email?

afraid to login to any other of my accounts that I have 2factor text or email options