American cable and Internet giant Comcast was struck by a data breach few days back. An unprotected developer database with 1.5 billion data records and other internal information was available via the Internet to third parties during this data breach.
Comcast Corporation is the largest cable operator network and, after the AT&T it is the second largest internet service provider as well as the third largest telephonic company in the US after the AT&T and Verizon Communications.
Recently the research team of WebsitePlanet in collaboration with the security researcher, Jeremiah Fowler, identified a non-password-protected database with a total size of 478 GB of 1.5 billion records. The database of Comcast featured dashboard permissions, logging, client IPs, @comcast e-mail addresses and hashed passwords in publicly accessible domain. By this breach, a description of the internal functionality, logging and general network structure is established with the IP addresses contained in the database. The server also revealed the Comcast Development Team's email addresses and hashed passwords. Further the database also provided the error reports, warning and the task or job scheduling information, cluster names, device names, and internal rules marked by the tag “Privileged=True.” Middleware also was detected in error logs and can often be used for ransomware or other bugs as a secondary way.
However the measures to control the access to the data were taken around in an hour, as the malicious actors could have easily accessed and retrieved the confidential information until the data was secured. The researchers relying on Comcast's data immediately submitted a notice of disclosure and affirmed their observations to their Security Defect Reporting team.
Fowler also said that, this was ..
Support the originator by clicking the read the rest link below.
