Comcast has confirmed that hackers exploiting a critical-rated security vulnerability accessed the sensitive information of almost 36 million Xfinity customers.
Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China, and international law firm Allen & Overy.
The notice doesn’t say how many Xfinity customers have been impacted, and Comcast spokesperson Joel Shadle declined to say when asked by TechCrunch.
In a filing with Maine’s attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach.
Comcast’s latest earnings report shows the company has over 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers.
Hackers stole the sensitive personal information of more than 14.6 million Mr. Cooper customers, the mortgage and loan giant has confirmed.
In a filing with Maine’s attorney general’s office, Mr. Cooper said the hackers stole customer names, addresses, dates of birth, phone numbers, as well as customer Social Security numbers and bank account numbers.
Mr. Cooper previously said that customer banking information was stored by a third-party company and believed to be unaffected.
Mr. Cooper said in its data breach notification letter to affected victims that the stolen data includes personal information on those whose mortgage was previously acquired or serviced by the company when it was known as Nationstar Mortgage, prior to its rebranding as Mr. Cooper.
Do you work at Mr. Cooper and know more about the cyberattack?
As the SEC’s new data breach disclosure rules take effect, here’s what you need to know The controversial regulation represents a major shake-up for U.S. organizationsStarting from today, December 18, publicly-owned companies operating in the U.S. must comply with a new set of rules requiring them to disclose “material” cyber incidents within 96 hours.
In an 8-K filing, breached organizations must describe the incident’s nature, scope, timing, and material impact, including financial and operational.
In addition to the SEC’s new data breach disclosure rules, the regulator has also added a new line item called Item 106 to the Regulation S-K that will be included on a company’s annual Form 10-K filing.
In a recent interview with TechCrunch, Sullivan said he welcomed the SEC’s data breach reporting rules, saying: “We can nitpick the details as much as we want, but this is the right way to do it,” he said.
Until now, many organizations have taken months to report a breach and only did so after they had completed their investigation.
Fetch.ai is a startup that is anticipating when the hype around artificial intelligence (AI) will shift from being Promethean to something more practical. With $40 million in funding, Fetch.ai aims…
The launch of “View as Delivery Person” on Uber Eats is a welcome step towards increased transparency for users when ordering food via the app. By displaying how much personal…
