Comcast’s Xfinity Service Potentially Exposes Addresses and Partial SSNs of More Than 26.5 Million Customers
• According to security researcher Ryan Stevenson, alleged vulnerabilities in the system Comcast Xfinity uses to verify users’ identities could have allowed an attacker to learn those users’ home addresses and partial Social Security numbers.
• After being informed of the issues, Comcast patched the alleged vulnerabilities.
• According to a Comcast spokesperson, Comcast “quickly investigated these issues and within hours … blocked both vulnerabilities, eliminating the ability to conduct the actions described by these researchers. [Comcast has] no reason to believe these vulnerabilities were ever used against Comcast customers.”