Comcast Corporation, an American multinational mass media company, found its users’ login credentials sold on the dark web over the weekend and asked its users to reset their passwords on Monday.
According to official sources, over 200,000 users are affected by the breach and are asked to reset their passwords with immediate effect.
The hacked credentials contain email IDs and associated passwords. The data was sold on what is known as the black market of the internet, “the dark web”
The dark web consists of networks that can only be accessed via specific software; they can’t be accessed over the public internet. Darkweb has always been used for trading things that are not legal to sell on the public internet, and is a perfect platform for hackers to sell leaked stuff.
In the past, child abuse images, stolen Spotify accounts and Bogus NYPD badges were also available for sale on the dark web.
Comcast found over 590,000 login credentials sold by the hackers, of which at least 33 per cent were genuine, while the price set for these accounts was $1000 for the complete list and $300 for 100,000 credentials.
Right after Comcast found this, they put all the accounts on verification and right after the verification required a password reset. But, the most intriguing fact of this breach is that all this data didn’t come from the breach of Comcast’s network; it’s compiled data of many different breaches or thefts from the hackers carried out recently or in the past.
“There’s no evidence that this is a breach, but we are working with the customers who were impacted to secure their accounts,” said Comcast spokeswoman Jenni Moyer.
The company believes customers are the ones to blame as they believe the customers are tricked into exposing their login credentials by the hackers through some malware, according to The Washington Post.
But 200,000 users tricked into downloading and executing a malware is something difficult to believe, though, for some users it might be true. Overall, the leaked data may have been picked up from numerous resources, and past breaches of the company’s network might be one of those sources.
Comcast has over 28 million users, so 200,000 is a very small portion of that, but it still is a theft and shows how vulnerable user data is.
Furthermore, the company claims that leaked data is not enough to steal users’ credit card details, so not much to worry about. But a fact about users and passwords really makes things interesting. Most users have saved their passwords on all the networks to allow them to remember passwords easily.
So, what it means is that if a hacker leaks the password of an account, he has basically leaked passwords of many other networks, and even if the users change their hacked passwords, they have given hackers that one hint he is looking for to steal passwords.
The only way out is to keep a strong password for all the accounts you make; otherwise, hackers can cause you a lot of damage.
Comcast Corporation, formerly registered as Comcast Holdings, is an American multinational mass media company and is the largest broadcasting and cable company in the world by revenue.