Hackers accessed Xfinity customers' personal information by exploiting a vulnerability in software used by the company, the Comcast-owned telecommunications business announced this week.
In a Monday notice to customers, Xfinity said there was unauthorized access to internal systems as a result of this vulnerability — which was previously announced by software provider Citrix — between Oct. 16 and 19.
Xfinity discovered the “suspicious activity” on Oct. 25, and in the following months determined that information was “likely acquired.” On Dec. 6, the company concluded that information included usernames and hashed passwords — and, for some customers, the last four digits of Social Security numbers, account security questions, birthdates and contact information.
Analysis of the breach is still continuing but to date, Xfinity is “not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” the company said in a statement sent to The Associated Press Tuesday.
Xfinity is also requiring customers to reset their passwords, while strongly recommending two-factor or multifactor authentication.
A filing with Maine's office of the attorney general disclosed that nearly 35.9 million people were affected by this breach. The company declined to confirm a specific number Tuesday, but noted the filing's figure represents user IDs.
Philadelphia-based Comcast has more than 32 million broadband customers, according a recent earnings release.
In addition to Xfinity, Citrix provides software to thousands of companies around the world. The previously-announced vulnerability, dubbed “Citrix Bleed,” has also been linked to hacks targeting the Industrial and Commercial Bank of China's New York arm and a Boeing subsidiary, among others.
Under new rules that went into effect Monday, the Securities Exchange Commission now requires public companies to disclose all cybersecurity breaches that could affect their bottom lines — within four days of determining a breach is material. As of Tuesday, there were no SEC filings from Comcast about the recent data breach and the company did not immediately address it.
A big-screen adaptation of the anime “Chainsaw Man” has topped the North American box office, beating a Springsteen biopic and “Black Phone 2.” The movie earned $17.25 million in the U.S. and Canada this weekend. “Black Phone 2” fell to second place with $13 million. Two new releases, the rom-com “Regretting You” and “Springsteen — Deliver Me From Nowhere,” earned $12.85 million and $9.1 million, respectively. “Chainsaw Man – The Movie: Reze Arc” is based on the manga series about a demon hunter. It's another win for Sony-owned Crunchyroll, which also released a “Demon Slayer” film last month that debuted to a record $70 million.
The Federal Aviation Administration says flights departing for Los Angeles International Airport were halted briefly due to a staffing shortage at a Southern California air traffic facility. The FAA issued a temporary ground stop at one of the world’s busiest airports on Sunday morning soon after U.S. Transportation Secretary Sean Duffy predicted that travelers would see more flights delayed as the nation’s air traffic controllers work without pay during the federal government shutdown. The hold on planes taking off for LAX lasted an hour and 45 minutes and didn't appear to cause continued problems. The FAA said staffing shortages also delayed planes headed to Washington, Chicago and Newark, New Jersey on Sunday.
Boeing workers at three Midwest plants where military aircraft and weapons are developed have voted to reject the company’s latest contract offer and to continue a strike that started almost three months ago. The strike by about 3,200 machinists at the plants in the Missouri cities of St. Louis and St. Charles, and in Mascoutah, Illinois, is smaller in scale than a walkout last year by 33,000 Boeing workers who assemble commercial jetliners. The president of the International Association of Machinists says Sunday's outcome shows Boeing hasn't adequately addressed wages and retirement benefits. Boeing says Sunday's vote was close with 51% of union members opposing the revised offer.
The stunning indictment that led to the arrest of more than 30 people — including Miami Heat guard Terry Rozier and other NBA figures — has drawn new scrutiny of the booming business of sports betting in the U.S. The multibillion-dollar industry has made it easy for sports fans — and even some players — to wager on everything from the outcome of games to that of a single play with just a few taps of a cellphone. But regulating the rapidly-growing industry has proven to be a challenge. Professional sports leagues’ own role in promoting gambling has also raised eyebrows.
At the core of the ongoing government shutdown is a fight over the decision to end subsidies that let some 12 million Americans get health coverage.
Tesla, the car company run by Elon Musk, reported Wednesday that it sold more vehicles in the past three months after boycotts hit hard earlier this year, but profits still fell sharply. Third-quarter earnings fell to $1.4 billion, from $2.2 billion a year earlier. Excluding charges, per share profit of 50 cents came in below analysts' estimate. Tesla shares fell 3.5% in after-hours trading. Musk said the company's robotaxi service, which is available in Austin, Texas, and San Francisco, will roll out to as many as 10 other metro areas by the end of the year.
