200,000 Comcast Customer Accounts Compromised and Sold Online
On November 9, 2015, Comcast reset roughly 200,000 user accounts after customer information and login credentials were compromised and put up online for sale for approximately $1,000 each.
The company says that it will not be offering credit monitoring to customers that were hacked, since it claims that it was not the company itself that was breached. In fact, Comcast claims that they are not to blame for the incident. Instead, they’re pointing the finger of blame at their own customers who may have visited unsecure sites that allowed hackers to then obtain their data.
The compromise of Comcast user credentials is certainly troubling. But it also raises additional questions about what else hackers were able to access. What other doors did that those credentials open?
This is the question that should have these compromised customers concerned. Was it just 200,000 Comcast accounts that were hacked, or were those compromised credentials used to gain access or control of other online accounts?
As we’ve discussed in previous posts, most users have a tendency to reuse passwords for multiple accounts. In fact, the average American has approximately one password for every four online profiles and accounts. Chances are that those credentials that were stolen and being sold are also used on other user accounts as well.
And users that were compromised should also have additional concerns about what was stolen. Many ISPs provide email accounts, cloud storage and other services to their customers. A breach of ISP account credentials has the strong potential to open a door to a customer’s entire life.
If emails and files stored in the cloud are accessed and searched for information, hackers could gain access to much more personal information about a user than just their login and password. They could gain access to sensitive financial information from bank emails and even enterprise IP from work emails or files.
This Comcast breach further validates the need for users to embrace and implement a multifactor authentication (MFA) solution on their personal accounts. If Comcast’s claims are true, it was poor cyber hygiene and unsafe surfing habits that resulted in the compromise of these credentials. Should a MFA solution have been in place, the compromise of traditional login credentials – such as user name and password – simply wouldn’t be enough to give a hacker access to sensitive accounts and information. And, even if one account was somehow compromised, that hacker would be unable to use the information within to exploit other online accounts and profiles.
In fact, the implementation of a strong and easy to use MFA solution should be a priority for any Comcast customer that was compromised in this breach. With login credentials currently for sale to the highest bidder and password reuse rampant among most Internet users, it’s essential that other, more sensitive accounts – such as bank accounts and social media profiles – aren’t compromised as well.
Regarding Comcast – although I applaud the company for finding and identifying the accounts that were compromised and resetting all 200,000 of its customers’ login credentials – there is still more that the company could have done to better protect itself and its customers today and into the future.
In my next article on Access Granted, I’ll look at the ways Comcast could have better protected its customers from this and other similar breaches, and why it’s beneficial for both the customer, and the company in the long run.