4 Messages
Xfinity / Citrix Hacking December 2023
Dear Xfinity,
Dear Xfinity,
WHO IS HAVING PROBLEMS WITH THE RECENT HACK OF XFINITY WITH NO RESOLUTION ? I have spent hours on the phone due to hacking of my passwords for email, WiFi, login etc… I have spoken to the 1st level of IT support at Xfinity and have received no solution to the issues I have been having with my apple devices not syncing with their email platform. My devices are IMAP devices and the web site is OWA. The Citrix / Xfinity hacking has corrupted my devices and I have been through all protocols with apple support. If you do not provide information as to the status of this event from top level IT support as to when the residual damage to customers devices will be resolved I will be looking for another internet provider.
Accepted Solution
flatlander3
Problem Solver
•
1.5K Messages
11 months ago
The "Hack" on Citrix managed cloud instances happened back in October, where millions of users were impacted by a data theft. Name, social security number (if you provided it), email addresses, phone numbers and addresses.
Xfinity claims they patched their systems a few days after Citrix released a patch with their announcement, but Xfinity didn't figure out the impact until December, but it's far too late by then and your data was gone and likely was exposed to the wild long before Citrix figured out there was a problem and released a patch for it back in October.
YOUR personal device isn't "hacked", but your account details are. With that, an attacker can change your password and intercept your email, and possibly for other accounts you have your Xfinity account linked with for password recovery and for two factor authentication. They can also do this by phone since they have all of your account details to impersonate you.
For mitigation, Xfinity enforced a password change globally. This causes issues when you have several devices checking mail and failing authentication. Your account can be temporarily locked out. It's also possible your account is currently hijacked and forwarding email to some other hostile actor. Log into web mail with a browser from https://xfinity.com (click the drop down in the upper right, and check email). Go into settings -- the little gear icon in the upper right, and make sure you aren't forwarding mail on the left pane.
If you can't log into webmail using your updated password that you set, then your account is compromised so you'll have to call them. https://internetsecurity.xfinity.com/help/report-abuse
Other users report you may also have to enable two factor authentication for your account from now on or your mail won't work. You do that on the main login page https://xfinity.com under your account.
If your devices can't check mail with the new password, the first thing you want to do is stop them from checking your mail and failing authentication. They will lock your account from repeated failed attempts. Follow the links on this post and see if any of them help:
https://forums.xfinity.com/conversations/email/apple-mail-cannot-connect-to-my-comcast-mailbox/658394bef961c6163a32ae59?commentId=65840c96f961c6163a32b286
Remember DO NOT REUSE PASSWORDS between email accounts (comcast/owa/gmail/your bank...etc). When one gets hacked like Xfinity, they all will. I'd also consider Xfinity email burned. Do not use them for anything important again.
2
Again
Expert
•
31K Messages
11 months ago
@user_5njl7e
If you went through the comcast website to change your passwords, did you change them on your devices as well? I am not familiar with apple products but depending on what email client you're using you may need to change your password in two different places. That's about all I know which isn't much, I admit.
1
Lkpolo
Problem Solver
•
493 Messages
11 months ago
It was my understanding that the Citrix Bleed 0 Day was hacked more than once. At least around 2016 or 2017. It controls many things such as accounting databases, Toyota, Legal Firms and many others. No respectable company should be using Citrix any longer.
0
0