In association with heise online

17 March 2009, 16:10

Confusion over Comcast customers passwords exposure

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The New York Times has reported that data from over 8,000 Comcast customers was unprotected and made available on the Internet. The data included both the usernames and passwords for customers of Comcast, one of the largest Internet service providers in the United States.

According to the report, on Monday 16th of March Mr. Kevin Andreyo stumbled across a list on Scribd, a document sharing Web site often used by authors, when he was searching for his own e-mail address on the search engine Pipl. The file he found contained over 8,000 entries with usernames and passwords, including his own. According to the site statistics, the document had been publicly available for over two months and was accessed over 300 times.

The identity of who uploaded the file to Scribd is currently unknown. Comcast stresses, however, that it does not believe that the information came from inside of their company. They point out that the list contains duplicated data and lacks structure. Comcast believes that the data is from a "phishing or related type of scheme." They continue by saying that the list of exposed customer information is likely closer to 4,000, due to the numerous duplications on the list.

After further analysis of the list Comcast revised that to a much lower figure. Further updates on the New York Times site have finally settled on only 700 Comcast customers being included in the list.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit