Comcast Tells 200K Users to Reset Passwords in Security Threat
Hackers matched usernames and passwords on Comcast accounts with usernames and passwords they had obtained from past, shared hacks.Here's yet another example of why people need to use multiple passwords when handling transactions of any type on the Internet. Comcast, the largest cable television and Internet services provider in the United States with more than 28 million subscribers, revealed Nov. 9 that it has required about 200,000 of its customers to reset their passwords after the company discovered its information was being sold and resold online by black-market personal-information brokers. This particular mishap was not the result of a hacking event on Comcast's data stores. Instead, hackers matched usernames (in Comcast's case, usernames are email addresses) and passwords on Comcast accounts with usernames and passwords they had obtained from past, shared hacks of other companies. Not only does this show how often people use the same username/email address and password for various different accounts, but it also is a first-rate example of how commoditized this type of stolen data has become.
Virtually all of the username/email address and passwords that were compromised were obtained by online thieves who use readily available software to match the Comcast username and password with those from other accounts—such as from social networks, retail outlets and utilities—already stolen from the same users.