Xfinity data breach impacted 35.8 million customers


How we got here: Comcast's Xfinity has disclosed a security breach impacting more than 36 million customers. The breach occurred between October 16 and October 19 of this year, but for the full story, we need to backtrack a bit.


On October 10, cloud service provider Citrix announced a vulnerability impacting software used by Xfinity and "thousands of other companies" around the globe.


It'd be nearly two more weeks – on October 23 – before Citrix shared additional mitigation guidance. Xfinity said it promptly patched and mitigated the vulnerability in its systems, but on October 25, during a routine cybersecurity exercise, it discovered unauthorized access to its system that had taken place a week earlier using the vulnerability.


In a separate filing with the Maine AG, Comcast said the breach impacted 35,879,455 people.



Xfinity's investigation showed that customer information, including usernames, hashed passwords, legal names, contact information, the last four digits of Social Security numbers, dates of birth and/or security questions and answers, was compromised. The company said it is still looking into the matter, so it's possible that additional data was compromised.


Xfinity is requiring customers to reset their account passwords and strongly recommends enabling two-factor authentication. The ISP also advises against reusing passwords across multiple accounts and services; if you have used your Xfinity password elsewhere, be sure to change it there as well.

