- Is the Cisco MARS mission going to abort?
- First iPhone worm spreads Rick Astley wallpaper
- 10 stunning 3D buildings made with Google SketchUp
- Open source software ready for big business
- Four reasons to buy (and one reason to avoid) the Droid
Comcast has suffered a leak in its user data that went undetected for more than two months. And it was an alert PC World reader who helped uncover the leak, when a document containing 8,000 e-mail accounts and passwords was found on Scribd.com, according to the New York Times.
Slideshow: 10 of the Worst Moments in Network Security History
After reading the PC World article "People Search Engines: They Know Your Dark Secrets... And Tell Anyone," a concerned Kevin Andreyo tracked his name to see where his information was being disseminated. It was on Scribd that Andreyo discovered the document that contained the sensitive Comcast data; it had been viewed over 345 times and downloaded 27 times. Scribd has since removed the document, but apparently only after contacted by the Times.
When confronted with the problem, Comcast blamed a phishing scam. The company also pointed out that many of the 8,000 entries were duplicates, and conservatively lowered the number to 4,000 exposed user accounts. Comcast denied the hack was internal, claiming that if it were an internal document, it would contain much more information than just e-mail addresses and passwords, and probably would have been better organized.
DSLReports.com nabbed a statement from Comcast that claims the total number of impacted customers is 700. Comcast says the data breach was the result of "a phishing scam or some kind of malware that affected customer computers." Comcast has frozen the afflicted accounts and is contacting individuals with information about where to download the McAfee Security Suite, which is free for Comcast subscribers.
It's interesting to me that Comcast can claim this is not an internal job. If it were a wider-ranging phishing scam, wouldn't e-mail accounts for users other than Comcast appear on the list? Why would a phishing scam target only Comcast.net users?
There's also quite a discrepancy when it comes to the number of afflicted customers. Eight thousand to 4,000 to 700? Seems to me that Comcast is playing the PR game, and, as a result, might be playing with your information.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment