Comcast has confirmed that hackers exploiting a critical-rated security vulnerability accessed the sensitive information of almost 36 million Xfinity customers.
Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China, and international law firm Allen & Overy.
The notice doesn’t say how many Xfinity customers have been impacted, and Comcast spokesperson Joel Shadle declined to say when asked by TechCrunch.
In a filing with Maine’s attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach.
Comcast’s latest earnings report shows the company has over 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers.
Why extortion is the new ransomware threat Ransomware actors are increasingly rebuffing encryption-based attacks in favor of plain extortion.
While novel, this isn’t the only aggressive tactic used by ransomware and extortion gangs.
What’s the difference between ransomware and extortion?
The Ransomware Task Force describes ransomware as an “evolving form of cybercrime, through which criminals remotely compromise computer systems and demand a ransom in return for restoring and/or not exposing data.”In reality, ransomware attacks can fall on a spectrum of impact.
This was demonstrated in the recent ransomware attack against Caesars Entertainment, which paid off the hackers in a bid to prevent the disclosure of stolen data.
Hackers stole the sensitive personal information of more than 14.6 million Mr. Cooper customers, the mortgage and loan giant has confirmed.
In a filing with Maine’s attorney general’s office, Mr. Cooper said the hackers stole customer names, addresses, dates of birth, phone numbers, as well as customer Social Security numbers and bank account numbers.
Mr. Cooper previously said that customer banking information was stored by a third-party company and believed to be unaffected.
Mr. Cooper said in its data breach notification letter to affected victims that the stolen data includes personal information on those whose mortgage was previously acquired or serviced by the company when it was known as Nationstar Mortgage, prior to its rebranding as Mr. Cooper.
Do you work at Mr. Cooper and know more about the cyberattack?
Hackers compromised the code behind a crypto protocol used by multiple web3 applications and services, the software maker Ledger said on Thursday.
The company says it has sold six million units of its hardware wallet, and Ledger Live, its software equivalent, is used by 1.5 million users.
That would allow the hackers to drain the crypto inside users’ wallets — so long as the users accepted the push to connect their wallets to the malicious Ledger version.
ZachXBT, a well-known independent crypto researcher, wrote on X that one victim had more than $600,000 in crypto drained from their account.
Several blockchain security researchers, as well as people who work in the web3 industry, warned users on social media of the supply chain hack against Ledger.
Databases belonging to two dating websites were recently compromised by hackers, who stole email addresses, direct messages, and other personal data from users of the sites. The breach is likely…
Cryptocurrencies are becoming increasingly popular, with many people turning to them for financial security and stability. However, even with the growing popularity of cryptocurrencies, there is still a large amount…
The hackers who published a trove of data stolen from U.S. network infrastructure giant CommScope claimed that they chose the company because of its connections to the military and government.…
According to Western Digital, data was stolen from its systems during a “network security incident.” Investigators are still trying to determine the extent of the damage caused by the attack,…
Experts at Google say the tools used by Variston are being used by hackers in the United Arab Emirates to spy on targets. With this information, law enforcement may be…
According to Rubrik, which disclosed its vulnerability on Friday, theFortra GoAnywhere zero-day vulnerability has been linked to hacks targeting a hospital chain and a bank. As such, Rubrik believes that…
