35m customers impacted in Xfinity data breach

Xfinity, the internet service provider (ISP) business of US telco Comcast, has suffered a major data breach which has impacted over 35 million people.

The company said that a “data security incident” that took place between 16-19 October had resulted in the theft of customer information including usernames, passwords, contact information, partial social security numbers.

Comcast said that the data breach was due to a Citrix software vulnerability and that the risk had now been resolved.

The breach was first detected on 25 October as part of a routine cybersecurity exercise, Comcast added.

A breach notice published in Maine put the total number of impacted customers at 35,879,455, including over 50,000 people in the state.

In an emailed statement to The Verge, a spokesperson for Xfinity said: “We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers. We take the responsibility to protect our customers very seriously and have our cybersecurity team monitoring 24x7.”

Latest News

‘Highly significant’ cyber-attacks rise by almost 50%, warns NCSC

LSEG and Microsoft advance partnership to boost agentic AI in financial services

Mastercard rolls out data service to improve approval rates

Tide extends tech hub in Lithuania

10 major banks evaluate digital money pegged on G7 currencies

Monzo launches new tool to help businesses meet upcoming digital tax rules

35m customers impacted in Xfinity data breach

Recent Stories

Adobe scraps $20bn Figma takeover after regulatory pushback

35m customers impacted in Xfinity data breach

US pharmacist banned banned from using facial recognition tech