200,000+ Comcast accounts potentially compromised
A post was made on the Dark Web marketplace over this past weekend offering to selling about 590,000 Comcast account info (i.e. email addresses and their passwords). These hacked accounts were being sold for $1000 USD (or Bitcoin). There was a buyer and the sale of the account list was done very soon since the Dark Web ad was placed.
Anyone notice the 590K emails/plaintext passwords allegedly from Comcast being sold? pic.twitter.com/jbASQP0E2Y
— flanvel (@flanvel) November 7, 2015
The request to post such an ad on the Dark Web was made to Salted Hash by @flanvel. Salted Hash informed Comcast about these accounts being sold. According to Comcast only about 30% accounts were active, rest were inactive or just false information. The alleged hacker would have potentially gathered these logins using phishing techniques since Comcast has not disclosed a potential data breach on any of its servers.
A spokesman for the Comcast confirmed that all the valid Comcast accounts from the 590,000 list that was being sold online will be reset. It is possible Comcast got hold of this hacked account list given the speed with which they took action on all those 200,000 active accounts out of the 590,000.
Here is the information to reset your Comcast account:
- Goto http://businesshelp.comcast.com/help-and-support/accounts-billing/change-password-business-class-portal
- Sign in to your Comcast Business online account and select Edit my profile at the top right of the screen.
- Select Reset password.
- Enter and confirm your new password and select Save. You will receive a password change confirmation.