Xfinity admits data breach may have affected 36 million customers

Petya nagscreen
(Image credit: Wikipedia)

Xfinity is the latest in a long line of companies to fall victim to Citrix Bleed, parent company Comcast has confirmed, revealing that almost 36 million customers may have had their data stolen.

The company published a press release confirming that it had been breached and that sensitive customer data had been stolen.

"During a routine cybersecurity exercise on October 25, Xfinity discovered suspicious activity and subsequently determined that between October 16 and October 19, 2023, there was unauthorized access to its internal systems that was concluded to be a result of this vulnerability," the press release read.

Abusing a patched flaw

Further investigation confirmed that the attackers managed to steal people’s sensitive data: "After additional review of the affected systems and data, Xfinity concluded on December 6, 2023, that the customer information in scope included usernames and hashed passwords; for some customers, other information may also have been included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers."

The company’s customers are now required to reset their passwords, Xfinity confirmed. It also said it “strongly recommends” users enable multi-factor authentication (MFA) to secure their accounts. “While Xfinity advises customers not to re-use passwords across multiple accounts, the company is recommending that customers change passwords for other accounts for which they use the same username and password or security question,” the announcement concluded. 

In late October this year, cloud giant Citrix confirmed earlier reports that a critical vulnerability in some of its products was being exploited in the wild. 

It released a patch for the flaw, urging users to apply it immediately to ensure their safety from hackers. The vulnerability in question is tracked as CVE-2023-4966. It carries a severity score of 9.4 and affects NetScaler ADC, and NetScaler Gateway.

A proof-of-concept dubbed Citrix Bleed soon appeared on GitHub.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.