[JGibson]

Quote:

Originally Posted by Bill14564

It would be best to read the Xfinity announcement.

Part of it reads:

What Information Was Involved? On December 6, 2023, we concluded that the information included usernames and hashed passwords. For some customers, other information was also included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers. However, our data analysis is continuing, and we will provide additional notices as appropriate.

Thanks, I have Xfinity but didn't get an email.

[ThirdOfFive]

Quote:

Originally Posted by AZ SLIM

I am flat out sick and tired of all these data breaches. Companies require us to use electronic systems but then don't provide adequate protection because they don't want to pay for the best. I wish there was some type of recourse for their failure to protect our info. I'M MAD AS HELL AND I'M NOT GOING TO TAKE IT ANYMORE! .......(there, I said it. I think I'll go have another cup of coffee and relax the rest of the day)

I imagine that is a fairly common reaction among people, given the plethora of stories about data breaches, online fraud, etc. etc. Probably especially so among we Boomers, who came of age and lived as young adults in a totally different reality.

I sometimes think my brother has it right. He lives alone in far Northern Minnesota. No computer. No cell phone. His phone is a land line still in Dad's name (Dad died in 2004). No credit cards. His only two concessions to modernity (semi-modernity) are a checking account and satellite TV.

As he is fond of saying "just because you're paranoid does NOT mean that they're not out to get you".

[bp243]

Quote:

Originally Posted by Altavia

Potentially all of a users security info was compromised.

Unique passwords and a password manager are your friend.

For anyone with the password manager LastPass, they have been breached several times. Find another password manager. So far 1Password has never been breached.

[MrGolf]

Like many others I saw this on the news and changed password long before being notified by Xfinity. What I found funny (not) was their advise to purchase the likes of Experion etc. First time I have been part of a compromise where the company didn’t offer free monitoring for 12 months. Their mistake, they should cover. Heck, they will bake the cost into their next renewal anyway.

[JRcorvette]

Quote:

Originally Posted by Bunny1

This am I received an email from Xfinity involving a data breach with instructions. Citrix a software provider had a security breach of users personal info in Oct 2023. My email was very lengthy and gave Xfinity numbers and web site to go to. Called the number to verify information. Yes, this was sent by Xfinity. We changed our password as instructed. Has anyone else received this email?
Googled this also and found many news reports on this breach.

On this data breach they got everything about you including your SS number. Comcast should be held liable for any costs incurred by people who have damages from identity theft!!!

[jrref]

Quote:

Originally Posted by Bunny1

This am I received an email from Xfinity involving a data breach with instructions. Citrix a software provider had a security breach of users personal info in Oct 2023. My email was very lengthy and gave Xfinity numbers and web site to go to. Called the number to verify information. Yes, this was sent by Xfinity. We changed our password as instructed. Has anyone else received this email?
Googled this also and found many news reports on this breach.

Terrible. So not only paying a premium for their services but they are raising their prices even with a deal due to higher fees from their content providers but now have to worry about a data breach.

Glad I switched to Quantum Fiber a while back.

[islandtiempo]

Good News! As more services move to passkeys the breaches will have less impact, because the credentials are stored on your device not the server.

Unfortunately services like xfinity will probably be slow to adopt it. https://youtu.be/j1zUY7lOKq8

In the meantime a secure password manager like Bitwarden.com can ease your password frustrations.

[Bill14564]

Quote:

Originally Posted by JRcorvette

On this data breach they got everything about you including your SS number. Comcast should be held liable for any costs incurred by people who have damages from identity theft!!!

The letter said the last four of the SS number. Do you have any information that it was more than that?

My name, number, last four of SSN, and DoB are stored on many places, possibly including the open internet. I don't like seeing them all in one place and I don't like that systems that have them are breached but I don't get terribly excited about that either.

With the information that was taken they *might* be able to get into my Xfinity account. If I reused a password on another site then they *might* be able to get into that site if they tried. And, if I used a particularly weak password then they *might* be able to determine what it was. The things that they *might* be able to do are still a long way from actually stealing anything from me.

I've had checking accounts opened in my name even without data breaches. It will be very difficult for anyone to prove that a case of identity theft is attributable to this particular data breach. A credit freeze is a wise choice even without a breach. A monitoring service or getting the six free credit reports (two for each of the three credit bureaus) is good for peace of mind.

[Stu from NYC]

Quote:

Originally Posted by MrGolf

Like many others I saw this on the news and changed password long before being notified by Xfinity. What I found funny (not) was their advise to purchase the likes of Experion etc. First time I have been part of a compromise where the company didn’t offer free monitoring for 12 months. Their mistake, they should cover. Heck, they will bake the cost into their next renewal anyway.

They add up any cost they can think of plus a few just in case and add it to their yearly renewal. We get to pay for their incompetence

[NoMoSno]

Even Equifax can't keep your data safe.
"40 percent of the population of the United States — whose names, addresses, dates of birth, Social Security numbers, and drivers’ licenses numbers were exposed."
Equifax data breach FAQ: What happened, who was affected, what was the impact? | CSO Online
Equifax Data Breach Settlement | Federal Trade Commission

[NoMoSno]

...

[NoMoSno]

...

[kenlor]

The only affiliation we have with Xfinity is that when we changed cable providers, we were able to keep the email addresses that we have had for many years. (they end in @comcast.net) I was able to change the password to the primary account but haven't been able to change the password on the two secondary accounts, so we are locked out. Any suggestions?

[Pres1939]

Quote:

Originally Posted by tophcfa

Yup, it definitely happened. Changed our password and got a phishing email looking for updated credit card information from an Xfinity imposter that went straight to junk. Be careful out there. Not to cross thread, but I can’t believe how many misguided folks are out there that support moving to a cashless society. The incredible amount of data theft going on is very dangerous stuff! I feel much more confident and safer defending my cash than I do with electronic data.

Agree!!

[biker1]

Yes. Bite the bullet and establish a new e-mail address(es), independent of your current or previous ISP, that you can keep for the rest of your life. I know it can be painful but you should just do it. There are plenty of no cost options (gmail, yahoo, etc) as well as creating (and paying for) your own domain so your e-mail will look something like "firstname@lastname.com".

Quote:

Originally Posted by kenlor

The only affiliation we have with Xfinity is that when we changed cable providers, we were able to keep the email addresses that we have had for many years. (they end in @comcast.net) I was able to change the password to the primary account but haven't been able to change the password on the two secondary accounts, so we are locked out. Any suggestions?