Comcast Internet Customers: You Should Change Your Password

Future Tense
The Citizen's Guide to the Future
Feb. 10 2014 8:19 PM

Comcast Internet Customers: You Should Change Your Password

Comcast hasn't been forthcoming about warning customers to change their email account passwords.

Photo by Dave Winer on Flickr.

If the idea of Comcast email makes you roll your eyes ... OK, that's reasonable. But Comcast was hacked recently, their mail servers were compromised, and every Comcast Internet customer has an Xfinity email address. So for Comcast's 19.9 million Internet customers, this is important. It could be you.

Lily Hay Newman Lily Hay Newman

Lily Hay Newman is lead blogger for Future Tense.

Last week the hacking group NullCrew FTS hacked 34 (or possibly more) of Comcast's servers and then published details about how to infiltrate the company's mail servers on Pastebin. Comcast didn't acknowledge the situation until the Pastebin post was removed more than a day later.


In a statement to the broadband news site MultiChannel, a Comcast spokesperson said that:

We’re aware of the situation and are aggressively investigating it. We take our customers’ privacy and security very seriously and we currently have no evidence to suggest any personal customer information was obtained in this incident.

But once the NullCrew FTS vulnerability was live, users began experiencing problems as the affected mail servers struggled under the load of numerous attacks. ZDNet found examples of customers complaining about the situation in Comcast customer service forums. It seems unlikely that no customer data was compromised give that the whole Internet had access to the servers for more than 24 hours.

The situation is esepcially troubling given that NullCrew FTS had already discovered the overarching vulnerability, CVE-2013-7091, in December 2013, but Comcast never updated their system to patch the hole. Even if you don't use your Xfinity address for anything other than logging into your Comcast account, the only way to protect your data going forward is to change your password. Go do it.

Future Tense is a partnership of SlateNew America, and Arizona State University.



The End of Pregnancy

And the inevitable rise of the artificial womb.

Doctor Tests Positive for Ebola in New York City

How a Company You’ve Never Heard of Took Control of the Entire Porn Industry

The Hot New Strategy for Desperate Democrats

Blame China for everything.

The Questions That Michael Brown’s Autopsies Can’t Answer


Kiev Used to Be an Easygoing Place

Now it’s descending into madness.


Don’t Just Sit There

How to be more productive during your commute.

There Has Never Been a Comic Book Character Like John Constantine

Which Came First, the Word Chicken or the Word Egg?

  News & Politics
The Slate Quiz
Oct. 24 2014 12:10 AM Play the Slate News Quiz With Jeopardy! superchampion Ken Jennings.
Oct. 23 2014 5:53 PM Amazon Investors Suddenly Bearish on Losing Money
Oct. 23 2014 5:08 PM Why Is an Obscure 1968 Documentary in the Opening Credits of Transparent?
  Double X
The XX Factor
Oct. 23 2014 11:33 AM Watch Little Princesses Curse for the Feminist Cause
  Slate Plus
Oct. 23 2014 11:28 AM Slate’s Working Podcast: Episode 2 Transcript Read what David Plotz asked Dr. Meri Kolbrener about her workday.
Brow Beat
Oct. 23 2014 6:55 PM A Goodfellas Actor Sued The Simpsons for Stealing His Likeness. Does He Have a Case?
Oct. 23 2014 11:47 PM Don’t Just Sit There How to be more productive during your commute.
  Health & Science
Oct. 23 2014 5:42 PM Seriously, Evolution: WTF? Why I love the most awkward, absurd, hacked-together species.
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.