Comcast confirmed this week that hackers leveraged a vulnerability, known as “CitrixBleed,” to access the sensitive information of almost 36 million customers. The vulnerability, found in Citrix networking devices, has been under mass-exploitation by hackers since late August. Citrix made patches available in early October, but many organizations did not patch right away, Comcast being one of them. Information likely acquired by the hackers, included usernames and “hashed” passwords as well as names, contact information, dates of birth, the last four digits of Social Security numbers, and perhaps more. Whenever you hear of a hack like this, it’s good to check what a company has on you, and cleanup anything that isn’t absolutely crucial for them to have.
Hackers exploited a known but unpatched flaw, allowing hackers access to the sensitive information of almost 36 million Comcast customers.