Xfinity notifies its customers of data breach linked to software vulnerability
NEW YORK (AP) — Hackers accessed Xfinity customers’ personal information by exploiting a vulnerability in software used by the company, the Comcast-owned telecommunications business announced this week. In a Monday notice to customers, Xfinity said there was unauthorized access to internal systems as a result of this vulnerability — which was previously announced by software provider Citrix — between Oct. 16 and 19. In the following months, Xfinity determined that information was likely acquired, including usernames, hashed passwords and, for some customers, the last four digits of Social Security numbers as well as account security questions. Analysis of the breach is still ongoing, but Xfinity is not aware of any leaks to date.