Image: Comcast
We look to major corporations to be the paragons of cyber security. And yet, hackers have successfully penetrated the defenses of one of these corporations, Comcast, and potentially exposed the private data of over 35 million users. Customers may have cause for concern as the company did not respond in a timely manner to this security breach.
According to a notice sent to Maine attorney general’s office, hackers were able to access personal data ranging from usernames, addresses, birthdates, security questions and answers. Even though passwords were cryptographically hashed, they were still stolen. Comcast only patched the vulnerability two weeks after it was discovered, which was the timeframe that hackers required to infiltrate the system.
Comcast’s laissez-faire approach to fixing this issue has caused justifiable upset amongst customers. Still, the loss of the data might not pose a significant threat since these same data points have been stolen and exposed in the past. Nonetheless, Comcast is taking steps to mitigate the risks. Customers are being required to change their passwords and activate two-factor authentication.
