Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

You've been Berkeley'ed!

computers / alt.online-service.comcast / Re: Comcast hacked in October...

SubjectAuthor
* Comcast hacked in October...Nil
+- Re: Comcast hacked in October...Retirednoguilt
+* Re: Comcast hacked in October...Adam H. Kerman
|`- Re: Comcast hacked in October...mdrocklyn
+* Re: Comcast hacked in October...Hiram T Schwantz
|`- Re: Comcast hacked in October...Hiram T Schwantz
+* Re: Comcast hacked in October...Boris
|`* Re: Comcast hacked in October...Nil
| `* Re: Comcast hacked in October...Hiram T Schwantz
|  `* Re: Comcast hacked in October...Retirednoguilt
|   `- Re: Comcast hacked in October...Hiram T Schwantz
`* Re: Comcast hacked in October...Gary
 `- Re: Comcast hacked in October...Nil

1
Comcast hacked in October...

<XnsB0DF7F2752027nilch1@wheedledeedle.moc>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=567&group=alt.online-service.comcast#567

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!nntp.comgw.net!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rednoi...@rednoise9.invalid (Nil)
Newsgroups: alt.online-service.comcast
Subject: Comcast hacked in October...
Date: Tue, 19 Dec 2023 12:29:58 -0500
Organization: A noiseless patient Spider
Lines: 31
Message-ID: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Injection-Info: dont-email.me; posting-host="2a49e0f90c734704972ce7feeaaa222a";
logging-data="157509"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19vwYrAT8EdX49i4gxCCSj+"
User-Agent: Xnews/2006.08.24
Cancel-Lock: sha1:p+yf9KQ1EBoany4Vpezc38OFOKk=
X-Face: esm\a~e7BW-JD"t0\Ww_~\t!z_p0}xokJ"]a4/!ZtMGxQ>t_J`\IuTO++qOqVx0&Y.=z(B!:d?HNxL}yTuIS^5T8W\iGv_s'oSFfLp%X|naUNr
 by: Nil - Tue, 19 Dec 2023 17:29 UTC

I was going to ask here if anyone else had been recently forced by Xfinity
to change their password. Both of my two email accounts had had the same
password for a few years, so it really was about time, but it seemed like
something had happened on their end for them to force a change on the same
day with no explanation. Then, today, I read this, which probably explains
it. Despite their claim, I was never notified:

"Comcast says hackers stole data of close to 36 million Xfinity customers"
- 7:45 AM EST December 19, 2023

https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/

and

December 18, 2023 04:30 PM Eastern Standard Time

PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
security incident. Starting today, customers are being notified through a
variety of channels, including through the Xfinity website, email, and news
media.

On October 10, 2023, Citrix announced a vulnerability in software used by
Xfinity and thousands of other companies worldwide. Citrix issued additional
mitigation guidance on October 23, 2023. Xfinity promptly patched and
mitigated the Citrix vulnerability within its systems. However, during a
routine cybersecurity exercise on October 25, Xfinity discovered suspicious
activity and subsequently determined that between October 16 and
October 19, 2023, there was unauthorized access to its internal systems
that was concluded to be a result of this vulnerability."

https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/

Re: Comcast hacked in October...

<ulslmi$53t6$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=568&group=alt.online-service.comcast#568

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!news.hispagatos.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: HapilyRe...@fakeaddress.com (Retirednoguilt)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Tue, 19 Dec 2023 12:59:43 -0500
Organization: A noiseless patient Spider
Lines: 46
Message-ID: <ulslmi$53t6$1@dont-email.me>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Reply-To: HapilyRetired@fakeaddress.com
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 19 Dec 2023 17:59:46 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="70e4bfad8965edd2d3316977256cae81";
logging-data="167846"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19cax0EZTpfhAo8TFSn8WtP8TY9iIYr2uU="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:/4xoE4klFHXDQh63/qFC+2usVZE=
In-Reply-To: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Content-Language: en-US
 by: Retirednoguilt - Tue, 19 Dec 2023 17:59 UTC

On 12/19/2023 12:29 PM, Nil wrote:
> I was going to ask here if anyone else had been recently forced by Xfinity
> to change their password. Both of my two email accounts had had the same
> password for a few years, so it really was about time, but it seemed like
> something had happened on their end for them to force a change on the same
> day with no explanation. Then, today, I read this, which probably explains
> it. Despite their claim, I was never notified:
>
> "Comcast says hackers stole data of close to 36 million Xfinity customers"
> - 7:45 AM EST December 19, 2023
>
> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
>
> and
>
> December 18, 2023 04:30 PM Eastern Standard Time
>
> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
> security incident. Starting today, customers are being notified through a
> variety of channels, including through the Xfinity website, email, and news
> media.
>
> On October 10, 2023, Citrix announced a vulnerability in software used by
> Xfinity and thousands of other companies worldwide. Citrix issued additional
> mitigation guidance on October 23, 2023. Xfinity promptly patched and
> mitigated the Citrix vulnerability within its systems. However, during a
> routine cybersecurity exercise on October 25, Xfinity discovered suspicious
> activity and subsequently determined that between October 16 and
> October 19, 2023, there was unauthorized access to its internal systems
> that was concluded to be a result of this vulnerability."
>
> https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/

I never was notified either. Maybe our accounts weren't among those
believed to be affected. It's been too long now since we registered
with Comcast for service to remember, but I doubt they required much
besides our names, postal addresses, and the account that pays their
bill. For that matter, anyone who receives a check from me has that
account number as well. I don't believe in jinxes, so I'll say that in
the 36 years I've had that checking account, there's never been any
fraudulent activity. In any case, the bank says in writing that they
will make depositors whole for money stolen from any of their banking
products. Makes me think why the central clearing house still requires
banks to print the full account number on each check in open digits.
Seems a bar code or QR code would also enable automated reading and be
safer for account holders.

Re: Comcast hacked in October...

<ulso88$5bg2$4@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=569&group=alt.online-service.comcast#569

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ahk...@chinet.com (Adam H. Kerman)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Tue, 19 Dec 2023 18:43:20 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <ulso88$5bg2$4@dont-email.me>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Injection-Date: Tue, 19 Dec 2023 18:43:20 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="9c7bf7e4ca6471ac7e4c93cf3cb6f0e3";
logging-data="175618"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18ElenN34ClSQIOPS4Tyo4UAgn4TzJDgVI="
Cancel-Lock: sha1:qcpVRQQk2zM0uJCtgUG5OVGcILs=
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
 by: Adam H. Kerman - Tue, 19 Dec 2023 18:43 UTC

Nil <rednoise9@rednoise9.invalid> wrote:

>I was going to ask here if anyone else had been recently forced by Xfinity
>to change their password. Both of my two email accounts had had the same
>password for a few years, so it really was about time, but it seemed like
>something had happened on their end for them to force a change on the same
>day with no explanation. Then, today, I read this, which probably explains
>it. Despite their claim, I was never notified:

Yes, I was forced to change a password. No, I wasn't notified about the
hack.

>. . .

Re: Comcast hacked in October...

<pdt3oidkfoif7ouiqrfn0ocrrtv74c8ku3@4ax.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=570&group=alt.online-service.comcast#570

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx34.iad.POSTED!not-for-mail
From: mdrock...@comcast.net
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Message-ID: <pdt3oidkfoif7ouiqrfn0ocrrtv74c8ku3@4ax.com>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <ulso88$5bg2$4@dont-email.me>
User-Agent: ForteAgent/8.00.32.1272
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 22
X-Complaints-To: abuse(at)newshosting.com
NNTP-Posting-Date: Tue, 19 Dec 2023 20:00:21 UTC
Organization: Newshosting.com - Highest quality at a great price! www.newshosting.com
Date: Tue, 19 Dec 2023 12:00:21 -0800
X-Received-Bytes: 1522
 by: mdrock...@comcast.net - Tue, 19 Dec 2023 20:00 UTC

On Tue, 19 Dec 2023 18:43:20 -0000 (UTC), "Adam H. Kerman"
<ahk@chinet.com> wrote:

>Nil <rednoise9@rednoise9.invalid> wrote:
>
>>I was going to ask here if anyone else had been recently forced by Xfinity
>>to change their password. Both of my two email accounts had had the same
>>password for a few years, so it really was about time, but it seemed like
>>something had happened on their end for them to force a change on the same
>>day with no explanation. Then, today, I read this, which probably explains
>>it. Despite their claim, I was never notified:
>
>Yes, I was forced to change a password. No, I wasn't notified about the
>hack.
>
>>. . .

Yes, I had to change my password. The message I got was something
like "It's been a while since you changed your password so now it's
time". No mention of any hack.

Re: Comcast hacked in October...

<eP2hN.64573$Ama9.16334@fx12.iad>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=571&group=alt.online-service.comcast#571

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!nntp.comgw.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx12.iad.POSTED!not-for-mail
From: hiramtsc...@gmail.com (Hiram T Schwantz)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
User-Agent: MicroPlanet-Gravity/3.0.10 (GRC)
Lines: 44
Message-ID: <eP2hN.64573$Ama9.16334@fx12.iad>
X-Complaints-To: abuse@easynews.com
Organization: Forte - www.forteinc.com
X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
Date: Thu, 21 Dec 2023 17:16:43 -0500
X-Received-Bytes: 2745
 by: Hiram T Schwantz - Thu, 21 Dec 2023 22:16 UTC

On Tue, 19 Dec 2023 12:29:58 -0500, Nil posted for all of us to digest...

>
> I was going to ask here if anyone else had been recently forced by Xfinity
> to change their password. Both of my two email accounts had had the same
> password for a few years, so it really was about time, but it seemed like
> something had happened on their end for them to force a change on the same
> day with no explanation. Then, today, I read this, which probably explains
> it. Despite their claim, I was never notified:
>
> "Comcast says hackers stole data of close to 36 million Xfinity customers"
> - 7:45 AM EST December 19, 2023
>
> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
>
> and
>
> December 18, 2023 04:30 PM Eastern Standard Time
>
> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
> security incident. Starting today, customers are being notified through a
> variety of channels, including through the Xfinity website, email, and news
> media.
>
> On October 10, 2023, Citrix announced a vulnerability in software used by
> Xfinity and thousands of other companies worldwide. Citrix issued additional
> mitigation guidance on October 23, 2023. Xfinity promptly patched and
> mitigated the Citrix vulnerability within its systems. However, during a
> routine cybersecurity exercise on October 25, Xfinity discovered suspicious
> activity and subsequently determined that between October 16 and
> October 19, 2023, there was unauthorized access to its internal systems
> that was concluded to be a result of this vulnerability."
>
> https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/

I had to change my password(s). I had to call and they would issue a code. The
administrative account was invalid.

I have also trying to have them turn the spam blocker off for two sites that
send wanted email since October of course Comcast blame the email sender.

--
Hiram

Re: Comcast hacked in October...

<gQ2hN.64574$Ama9.32199@fx12.iad>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=572&group=alt.online-service.comcast#572

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx12.iad.POSTED!not-for-mail
From: hiramtsc...@gmail.com (Hiram T Schwantz)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <eP2hN.64573$Ama9.16334@fx12.iad>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
User-Agent: MicroPlanet-Gravity/3.0.10 (GRC)
Lines: 50
Message-ID: <gQ2hN.64574$Ama9.32199@fx12.iad>
X-Complaints-To: abuse@easynews.com
Organization: Forte - www.forteinc.com
X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
Date: Thu, 21 Dec 2023 17:17:49 -0500
X-Received-Bytes: 2963
 by: Hiram T Schwantz - Thu, 21 Dec 2023 22:17 UTC

On Thu, 21 Dec 2023 17:16:43 -0500, Hiram T Schwantz posted for all of us to
digest...

>
> On Tue, 19 Dec 2023 12:29:58 -0500, Nil posted for all of us to digest...
>
> >
> > I was going to ask here if anyone else had been recently forced by Xfinity
> > to change their password. Both of my two email accounts had had the same
> > password for a few years, so it really was about time, but it seemed like
> > something had happened on their end for them to force a change on the same
> > day with no explanation. Then, today, I read this, which probably explains
> > it. Despite their claim, I was never notified:
> >
> > "Comcast says hackers stole data of close to 36 million Xfinity customers"
> > - 7:45 AM EST December 19, 2023
> >
> > https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/
> >
> > and
> >
> > December 18, 2023 04:30 PM Eastern Standard Time
> >
> > PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data
> > security incident. Starting today, customers are being notified through a
> > variety of channels, including through the Xfinity website, email, and news
> > media.
> >
> > On October 10, 2023, Citrix announced a vulnerability in software used by
> > Xfinity and thousands of other companies worldwide. Citrix issued additional
> > mitigation guidance on October 23, 2023. Xfinity promptly patched and
> > mitigated the Citrix vulnerability within its systems. However, during a
> > routine cybersecurity exercise on October 25, Xfinity discovered suspicious
> > activity and subsequently determined that between October 16 and
> > October 19, 2023, there was unauthorized access to its internal systems
> > that was concluded to be a result of this vulnerability."
> >
> > https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Customers-of-Data-Security-Incident/
>
> I had to change my password(s). I had to call and they would issue a code. The
> administrative account was invalid.
>
> I have also trying to have them turn the spam blocker off for two sites that
> send wanted email since October 22 of course Comcast blames the email sender.

--
Hiram

Re: Comcast hacked in October...

<XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=574&group=alt.online-service.comcast#574

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Bor...@invalid.invalid (Boris)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Tue, 2 Jan 2024 19:16:26 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 52
Message-ID: <XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Injection-Date: Tue, 2 Jan 2024 19:16:26 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="e3f741667b065fc049375d58fece408f";
logging-data="2958297"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+DmgQY/YBWPSLvI9keQC/t"
User-Agent: Xnews/2006.08.24
Cancel-Lock: sha1:kTP/XuFr/dpDVpN9Ts+IXLgYI2Y=
 by: Boris - Tue, 2 Jan 2024 19:16 UTC

Nil <rednoise9@rednoise9.invalid> wrote in
news:XnsB0DF7F2752027nilch1@wheedledeedle.moc:

> I was going to ask here if anyone else had been recently forced by
> Xfinity to change their password. Both of my two email accounts had
> had the same password for a few years, so it really was about time,
> but it seemed like something had happened on their end for them to
> force a change on the same day with no explanation. Then, today, I
> read this, which probably explains it. Despite their claim, I was
> never notified:
>
> "Comcast says hackers stole data of close to 36 million Xfinity
> customers" - 7:45 AM EST December 19, 2023
>
> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-cu
> stomers/
>
> and
>
> December 18, 2023 04:30 PM Eastern Standard Time
>
> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent
> data security incident. Starting today, customers are being notified
> through a variety of channels, including through the Xfinity website,
> email, and news media.
>
> On October 10, 2023, Citrix announced a vulnerability in software used
> by Xfinity and thousands of other companies worldwide. Citrix issued
> additional mitigation guidance on October 23, 2023. Xfinity promptly
> patched and mitigated the Citrix vulnerability within its systems.
> However, during a routine cybersecurity exercise on October 25,
> Xfinity discovered suspicious activity and subsequently determined
> that between October 16 and October 19, 2023, there was unauthorized
> access to its internal systems that was concluded to be a result of
> this vulnerability."
>
> https://www.businesswire.com/news/home/20231218979935/en/Notice-To-Cust
> omers-of-Data-Security-Incident/

About two weeks ago, Comcast made me change my password. The only reason
given was that it was 'old', and time to change.

Today, I received an email from Comcast, "Notice of Data Security
Incident". There was an explanation of the 'incident', and how and what
to do to protect one's self, with links to the three credit reporting
bureaus. It was a loooong email.

Seems to me the "Notice of Data Security Incident" should have been sent
out about two weeks ago.

I have Comcast set up at two other locations. Wonder when notices will
arrive there.

Re: Comcast hacked in October...

<XnsB0EEBDCC9418Bnilch1@wheedledeedle.moc>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=575&group=alt.online-service.comcast#575

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rednoi...@rednoise9.invalid (Nil)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Wed, 03 Jan 2024 18:39:28 -0500
Organization: A noiseless patient Spider
Lines: 62
Message-ID: <XnsB0EEBDCC9418Bnilch1@wheedledeedle.moc>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170>
Injection-Info: dont-email.me; posting-host="e24ed829c85c145ec9b52fe33b623999";
logging-data="3546452"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19A7sWDeY8huGRMGLceEp/l"
User-Agent: Xnews/2006.08.24
Cancel-Lock: sha1:Y1XY4E6siUfSsORDY2fGoE5w/TY=
X-Face: esm\a~e7BW-JD"t0\Ww_~\t!z_p0}xokJ"]a4/!ZtMGxQ>t_J`\IuTO++qOqVx0&Y.=z(B!:d?HNxL}yTuIS^5T8W\iGv_s'oSFfLp%X|naUNr
 by: Nil - Wed, 3 Jan 2024 23:39 UTC

On 02 Jan 2024, Boris <Boris@invalid.invalid> wrote in
alt.online-service.comcast:

> Nil <rednoise9@rednoise9.invalid> wrote in
> news:XnsB0DF7F2752027nilch1@wheedledeedle.moc:
>
>> I was going to ask here if anyone else had been recently forced
>> by Xfinity to change their password. Both of my two email
>> accounts had had the same password for a few years, so it really
>> was about time, but it seemed like something had happened on
>> their end for them to force a change on the same day with no
>> explanation. Then, today, I read this, which probably explains
>> it. Despite their claim, I was never notified:
>>
>> "Comcast says hackers stole data of close to 36 million Xfinity
>> customers" - 7:45 AM EST December 19, 2023
>>
>> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
>> on-cu stomers/
>>
>> and
>>
>> December 18, 2023 04:30 PM Eastern Standard Time
>>
>> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
>> recent data security incident. Starting today, customers are
>> being notified through a variety of channels, including through
>> the Xfinity website, email, and news media.
>>
>> On October 10, 2023, Citrix announced a vulnerability in software
>> used by Xfinity and thousands of other companies worldwide.
>> Citrix issued additional mitigation guidance on October 23, 2023.
>> Xfinity promptly patched and mitigated the Citrix vulnerability
>> within its systems. However, during a routine cybersecurity
>> exercise on October 25, Xfinity discovered suspicious activity
>> and subsequently determined that between October 16 and October
>> 19, 2023, there was unauthorized access to its internal systems
>> that was concluded to be a result of this vulnerability."
>>
>> https://www.businesswire.com/news/home/20231218979935/en/Notice-To
>> -Cust omers-of-Data-Security-Incident/
>
> About two weeks ago, Comcast made me change my password. The only
> reason given was that it was 'old', and time to change.
>
> Today, I received an email from Comcast, "Notice of Data Security
> Incident". There was an explanation of the 'incident', and how
> and what to do to protect one's self, with links to the three
> credit reporting bureaus. It was a loooong email.
>
> Seems to me the "Notice of Data Security Incident" should have
> been sent out about two weeks ago.
>
> I have Comcast set up at two other locations. Wonder when notices
> will arrive there.

Interesting. According to the article, the breach occurred last
October, so they should have notified everybody long before now. I
guess it's good that you finally were notified, but I still haven't
been. I guess they consider that to be progress??

Maybe there was yet another breach in the meantime!

Re: Comcast hacked in October...

<NPEnN.115921$vFZa.107946@fx13.iad>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=576&group=alt.online-service.comcast#576

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!feeder1-2.proxad.net!proxad.net!feeder1-1.proxad.net!193.141.40.65.MISMATCH!npeer.as286.net!npeer-ng0.as286.net!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx13.iad.POSTED!not-for-mail
From: hiramtsc...@gmail.com (Hiram T Schwantz)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170> <XnsB0EEBDCC9418Bnilch1@wheedledeedle.moc>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
User-Agent: MicroPlanet-Gravity/3.0.10 (GRC)
Lines: 71
Message-ID: <NPEnN.115921$vFZa.107946@fx13.iad>
X-Complaints-To: abuse@easynews.com
Organization: Forte - www.forteinc.com
X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
Date: Wed, 10 Jan 2024 17:25:49 -0500
X-Received-Bytes: 3962
 by: Hiram T Schwantz - Wed, 10 Jan 2024 22:25 UTC

On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...

>
> On 02 Jan 2024, Boris <Boris@invalid.invalid> wrote in
> alt.online-service.comcast:
>
> > Nil <rednoise9@rednoise9.invalid> wrote in
> > news:XnsB0DF7F2752027nilch1@wheedledeedle.moc:
> >
> >> I was going to ask here if anyone else had been recently forced
> >> by Xfinity to change their password. Both of my two email
> >> accounts had had the same password for a few years, so it really
> >> was about time, but it seemed like something had happened on
> >> their end for them to force a change on the same day with no
> >> explanation. Then, today, I read this, which probably explains
> >> it. Despite their claim, I was never notified:
> >>
> >> "Comcast says hackers stole data of close to 36 million Xfinity
> >> customers" - 7:45 AM EST December 19, 2023
> >>
> >> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
> >> on-cu stomers/
> >>
> >> and
> >>
> >> December 18, 2023 04:30 PM Eastern Standard Time
> >>
> >> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
> >> recent data security incident. Starting today, customers are
> >> being notified through a variety of channels, including through
> >> the Xfinity website, email, and news media.
> >>
> >> On October 10, 2023, Citrix announced a vulnerability in software
> >> used by Xfinity and thousands of other companies worldwide.
> >> Citrix issued additional mitigation guidance on October 23, 2023.
> >> Xfinity promptly patched and mitigated the Citrix vulnerability
> >> within its systems. However, during a routine cybersecurity
> >> exercise on October 25, Xfinity discovered suspicious activity
> >> and subsequently determined that between October 16 and October
> >> 19, 2023, there was unauthorized access to its internal systems
> >> that was concluded to be a result of this vulnerability."
> >>
> >> https://www.businesswire.com/news/home/20231218979935/en/Notice-To
> >> -Cust omers-of-Data-Security-Incident/
> >
> > About two weeks ago, Comcast made me change my password. The only
> > reason given was that it was 'old', and time to change.
> >
> > Today, I received an email from Comcast, "Notice of Data Security
> > Incident". There was an explanation of the 'incident', and how
> > and what to do to protect one's self, with links to the three
> > credit reporting bureaus. It was a loooong email.
> >
> > Seems to me the "Notice of Data Security Incident" should have
> > been sent out about two weeks ago.
> >
> > I have Comcast set up at two other locations. Wonder when notices
> > will arrive there.
>
> Interesting. According to the article, the breach occurred last
> October, so they should have notified everybody long before now. I
> guess it's good that you finally were notified, but I still haven't
> been. I guess they consider that to be progress??
>
> Maybe there was yet another breach in the meantime!

Are you implying that Comcast has "speed"?

--
Hiram

Re: Comcast hacked in October...

<unotjf$312m6$2@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=577&group=alt.online-service.comcast#577

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: HapilyRe...@fakeaddress.com (Retirednoguilt)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Thu, 11 Jan 2024 09:22:38 -0500
Organization: A noiseless patient Spider
Lines: 74
Message-ID: <unotjf$312m6$2@dont-email.me>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
<XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170>
<XnsB0EEBDCC9418Bnilch1@wheedledeedle.moc>
<NPEnN.115921$vFZa.107946@fx13.iad>
Reply-To: HapilyRetired@fakeaddress.com
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 11 Jan 2024 14:22:39 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="0dad20380b87dc5ea0bbbadb560bc258";
logging-data="3181254"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/TO9Q5eYz+fvdx/eZxEqcrT5C6wXk3Mv8="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:GmJYkbm2Nf7Bn22M0XI9ja9p2MM=
In-Reply-To: <NPEnN.115921$vFZa.107946@fx13.iad>
Content-Language: en-US
 by: Retirednoguilt - Thu, 11 Jan 2024 14:22 UTC

On 1/10/2024 5:25 PM, Hiram T Schwantz wrote:
>
> On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...
>
>>
>> On 02 Jan 2024, Boris <Boris@invalid.invalid> wrote in
>> alt.online-service.comcast:
>>
>>> Nil <rednoise9@rednoise9.invalid> wrote in
>>> news:XnsB0DF7F2752027nilch1@wheedledeedle.moc:
>>>
>>>> I was going to ask here if anyone else had been recently forced
>>>> by Xfinity to change their password. Both of my two email
>>>> accounts had had the same password for a few years, so it really
>>>> was about time, but it seemed like something had happened on
>>>> their end for them to force a change on the same day with no
>>>> explanation. Then, today, I read this, which probably explains
>>>> it. Despite their claim, I was never notified:
>>>>
>>>> "Comcast says hackers stole data of close to 36 million Xfinity
>>>> customers" - 7:45 AM EST December 19, 2023
>>>>
>>>> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
>>>> on-cu stomers/
>>>>
>>>> and
>>>>
>>>> December 18, 2023 04:30 PM Eastern Standard Time
>>>>
>>>> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
>>>> recent data security incident. Starting today, customers are
>>>> being notified through a variety of channels, including through
>>>> the Xfinity website, email, and news media.
>>>>
>>>> On October 10, 2023, Citrix announced a vulnerability in software
>>>> used by Xfinity and thousands of other companies worldwide.
>>>> Citrix issued additional mitigation guidance on October 23, 2023.
>>>> Xfinity promptly patched and mitigated the Citrix vulnerability
>>>> within its systems. However, during a routine cybersecurity
>>>> exercise on October 25, Xfinity discovered suspicious activity
>>>> and subsequently determined that between October 16 and October
>>>> 19, 2023, there was unauthorized access to its internal systems
>>>> that was concluded to be a result of this vulnerability."
>>>>
>>>> https://www.businesswire.com/news/home/20231218979935/en/Notice-To
>>>> -Cust omers-of-Data-Security-Incident/
>>>
>>> About two weeks ago, Comcast made me change my password. The only
>>> reason given was that it was 'old', and time to change.
>>>
>>> Today, I received an email from Comcast, "Notice of Data Security
>>> Incident". There was an explanation of the 'incident', and how
>>> and what to do to protect one's self, with links to the three
>>> credit reporting bureaus. It was a loooong email.
>>>
>>> Seems to me the "Notice of Data Security Incident" should have
>>> been sent out about two weeks ago.
>>>
>>> I have Comcast set up at two other locations. Wonder when notices
>>> will arrive there.
>>
>> Interesting. According to the article, the breach occurred last
>> October, so they should have notified everybody long before now. I
>> guess it's good that you finally were notified, but I still haven't
>> been. I guess they consider that to be progress??
>>
>> Maybe there was yet another breach in the meantime!
>
> Are you implying that Comcast has "speed"?
>

Their lawyers probably insisted that Comcast act promptly to minimize
exposure to lawsuits claiming losses due to negligence to promptly
notify the customers.

Re: Comcast hacked in October...

<aRZnN.224276$83n7.88267@fx18.iad>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=578&group=alt.online-service.comcast#578

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!news.hispagatos.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx18.iad.POSTED!not-for-mail
From: hiramtsc...@gmail.com (Hiram T Schwantz)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <XnsB0ED87042F9C0Borisinvalidinvalid@135.181.20.170> <XnsB0EEBDCC9418Bnilch1@wheedledeedle.moc> <NPEnN.115921$vFZa.107946@fx13.iad> <unotjf$312m6$2@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
User-Agent: MicroPlanet-Gravity/3.0.10 (GRC)
Lines: 84
Message-ID: <aRZnN.224276$83n7.88267@fx18.iad>
X-Complaints-To: abuse@easynews.com
Organization: Forte - www.forteinc.com
X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
Date: Thu, 11 Jan 2024 17:20:55 -0500
X-Received-Bytes: 4483
 by: Hiram T Schwantz - Thu, 11 Jan 2024 22:20 UTC

On Thu, 11 Jan 2024 09:22:38 -0500, Retirednoguilt posted for all of us to
digest...

>
> On 1/10/2024 5:25 PM, Hiram T Schwantz wrote:
> >
> > On Wed, 03 Jan 2024 18:39:28 -0500, Nil posted for all of us to digest...
> >
> >>
> >> On 02 Jan 2024, Boris <Boris@invalid.invalid> wrote in
> >> alt.online-service.comcast:
> >>
> >>> Nil <rednoise9@rednoise9.invalid> wrote in
> >>> news:XnsB0DF7F2752027nilch1@wheedledeedle.moc:
> >>>
> >>>> I was going to ask here if anyone else had been recently forced
> >>>> by Xfinity to change their password. Both of my two email
> >>>> accounts had had the same password for a few years, so it really
> >>>> was about time, but it seemed like something had happened on
> >>>> their end for them to force a change on the same day with no
> >>>> explanation. Then, today, I read this, which probably explains
> >>>> it. Despite their claim, I was never notified:
> >>>>
> >>>> "Comcast says hackers stole data of close to 36 million Xfinity
> >>>> customers" - 7:45 AM EST December 19, 2023
> >>>>
> >>>> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
> >>>> on-cu stomers/
> >>>>
> >>>> and
> >>>>
> >>>> December 18, 2023 04:30 PM Eastern Standard Time
> >>>>
> >>>> PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a
> >>>> recent data security incident. Starting today, customers are
> >>>> being notified through a variety of channels, including through
> >>>> the Xfinity website, email, and news media.
> >>>>
> >>>> On October 10, 2023, Citrix announced a vulnerability in software
> >>>> used by Xfinity and thousands of other companies worldwide.
> >>>> Citrix issued additional mitigation guidance on October 23, 2023.
> >>>> Xfinity promptly patched and mitigated the Citrix vulnerability
> >>>> within its systems. However, during a routine cybersecurity
> >>>> exercise on October 25, Xfinity discovered suspicious activity
> >>>> and subsequently determined that between October 16 and October
> >>>> 19, 2023, there was unauthorized access to its internal systems
> >>>> that was concluded to be a result of this vulnerability."
> >>>>
> >>>> https://www.businesswire.com/news/home/20231218979935/en/Notice-To
> >>>> -Cust omers-of-Data-Security-Incident/
> >>>
> >>> About two weeks ago, Comcast made me change my password. The only
> >>> reason given was that it was 'old', and time to change.
> >>>
> >>> Today, I received an email from Comcast, "Notice of Data Security
> >>> Incident". There was an explanation of the 'incident', and how
> >>> and what to do to protect one's self, with links to the three
> >>> credit reporting bureaus. It was a loooong email.
> >>>
> >>> Seems to me the "Notice of Data Security Incident" should have
> >>> been sent out about two weeks ago.
> >>>
> >>> I have Comcast set up at two other locations. Wonder when notices
> >>> will arrive there.
> >>
> >> Interesting. According to the article, the breach occurred last
> >> October, so they should have notified everybody long before now. I
> >> guess it's good that you finally were notified, but I still haven't
> >> been. I guess they consider that to be progress??
> >>
> >> Maybe there was yet another breach in the meantime!
> >
> > Are you implying that Comcast has "speed"?
> >
>
> Their lawyers probably insisted that Comcast act promptly to minimize
> exposure to lawsuits claiming losses due to negligence to promptly
> notify the customers.

I think you nailed it. They have a lot of money therefore a lot of lawyers.

--
Hiram

Re: Comcast hacked in October...

<17acb1ba3a936fa0$2$3617078$4ed50460@news.newsdemon.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=579&group=alt.online-service.comcast#579

  copy link   Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Newsgroups: alt.online-service.comcast
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
From: gar...@C0MCAST.NET (Gary)
Date: Mon, 22 Jan 2024 09:28:26 -0500
User-Agent: Forte Agent 1.93/32.576 English (American)
Mime-Version: 1.0
In-Reply-To: <XnsB0DF7F2752027nilch1@wheedledeedle.moc>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 15
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.newsdemon.com!not-for-mail
Nntp-Posting-Date: Mon, 22 Jan 2024 14:29:32 +0000
X-Received-Bytes: 1267
Organization: NewsDemon - www.newsdemon.com
X-Complaints-To: abuse@newsdemon.com
Message-Id: <17acb1ba3a936fa0$2$3617078$4ed50460@news.newsdemon.com>
 by: Gary - Mon, 22 Jan 2024 14:28 UTC

Nil wrote:
> I was going to ask here if anyone else had been recently forced by Xfinity
> to change their password. Both of my two email accounts had had the same
> password for a few years, so it really was about time, but it seemed like
> something had happened on their end for them to force a change on the same
> day with no explanation. Then, today, I read this, which probably explains
> it. Despite their claim, I was never notified:
>
> "Comcast says hackers stole data of close to 36 million Xfinity customers"
> - 7:45 AM EST December 19, 2023
>
> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-million-customers/

The focus at "woke" corporations is on DEI, not your account security. Fact!

Re: Comcast hacked in October...

<XnsB1017D45160D5nilch1@wheedledeedle.moc>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=580&group=alt.online-service.comcast#580

  copy link   Newsgroups: alt.online-service.comcast
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rednoi...@rednoise9.invalid (Nil)
Newsgroups: alt.online-service.comcast
Subject: Re: Comcast hacked in October...
Date: Mon, 22 Jan 2024 12:18:52 -0500
Organization: A noiseless patient Spider
Lines: 24
Message-ID: <XnsB1017D45160D5nilch1@wheedledeedle.moc>
References: <XnsB0DF7F2752027nilch1@wheedledeedle.moc> <17acb1ba3a936fa0$2$3617078$4ed50460@news.newsdemon.com>
Injection-Info: dont-email.me; posting-host="dc7a4ca2073cc6bb71bfd94b478acc0a";
logging-data="873714"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/P780HJ/cdB5k56f6VGf/0"
User-Agent: Xnews/2006.08.24
Cancel-Lock: sha1:OV0t/65cWWOGQNMICYQoeavS534=
X-Face: esm\a~e7BW-JD"t0\Ww_~\t!z_p0}xokJ"]a4/!ZtMGxQ>t_J`\IuTO++qOqVx0&Y.=z(B!:d?HNxL}yTuIS^5T8W\iGv_s'oSFfLp%X|naUNr
 by: Nil - Mon, 22 Jan 2024 17:18 UTC

On 22 Jan 2024, Gary <gary@C0MCAST.NET> wrote in
alt.online-service.comcast:

> Nil wrote:
>> I was going to ask here if anyone else had been recently forced
>> by Xfinity to change their password. Both of my two email
>> accounts had had the same password for a few years, so it really
>> was about time, but it seemed like something had happened on
>> their end for them to force a change on the same day with no
>> explanation. Then, today, I read this, which probably explains
>> it. Despite their claim, I was never notified:
>>
>> "Comcast says hackers stole data of close to 36 million Xfinity
>> customers" - 7:45 AM EST December 19, 2023
>>
>> https://techcrunch.com/2023/12/19/comcast-xfinity-hackers-36-milli
>> on-customers/
>
>
> The focus at "woke" corporations is on DEI, not your account
> security. Fact!

Bullshit.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor