Morgan & Morgan’s industry leading data privacy attorneys are investigating a recent breach announced by Comcast Cable Communications’ cable television and internet division Xfinity. In October 2023, Xfinity discovered that one of its Citrix servers had been compromised due to a software vulnerability. Following an investigation, Xfinity has indicated that the attackers exfiltrated data of more than 35 million people. The customer information impacted includes usernames and passwords, and for some customers also includes dates of birth, the last four digits of social security numbers, contact information, and password hints. Xfinity has encouraged its customers to reset their passwords.
This is not the first time that software flaws have led to a breach of Citrix servers. Since August, attackers have been exploiting this vulnerability that led to the breach of Xfinity’s customer data. Question have arisen as to whether Citrix timely advised companies of this vulnerability and whether Xfinity promptly updated its software with the patch sent to fix the flaw.
If you received a data breach notification from Xfinity, please contact us through here.
We place a significant amount of trust in the companies we choose to share our information with, making the actions of Xfinity and Citrix all the more unacceptable. If you suspect that your information was exposed in Xfinity/Citris data breach, Morgan & Morgan is here to help.