WingNews logo WingNews GitHub [2]
top | item 7208668

Change your passwords: Comcast hushes, minimizes serious hack

92 points| 6cxs2hd6 | 12 years ago |zdnet.com | reply

33 comments

order
[+] pmorici|12 years ago|reply
I really dislike Comcast I wish there was a viable competitor for Internet in my area.
[+] mcpherrinm|12 years ago|reply
Really? I am new to the US but I have been really happy with my Comcast. Self install was easy and quick, billing has always worked out fine, and while not super affordable, 50mbit is the fastest internet I've ever had at home. IPv6 too!
[+] nathancahill|12 years ago|reply
Yes. Going to post a write up shortly on how I waived the $250 installation fee for 105 Mbps internet.
[+] fernly|12 years ago|reply
Specifically why? Because I am really tired of DSL and comcast is the only broadband I could get.
[+] josefresco|12 years ago|reply
It's impossible for me to change my Comcast password ... let me explain. I have a "custom" email address for my Comcast account. I have never used the Comcast provided email or login (customer for 10+ years). Many years ago when I signed up I managed to setup my own email and have used it ever since.

Fast forward 5 years and I'm attempting to authenticate an iPad TV app with my Comcast account and I have a brain freeze on my password. I attempt a reset and it doesn't' work. I try again, and again, from differing machines and finally call. Long story short they have no record of my email and can't reset the password. My only option is to revert to the Comcast supplied email which I have never used and don't even know.

Luckily I remembered my password and was able to simply move on but was shocked that there was simply no official way for me to retrieve or reset my password yet I have an account that still works (even for billing)

[+] dec0dedab0de|12 years ago|reply
Support will reset your password if you verify your information with them. I just had to do this for my mom so she could watch the Olympics on her ipad.
[+] colinbartlett|12 years ago|reply
I haven't been a Comcast subscriber in years, but I wonder if my credentials from ages ago could have been compromised?
[+] erichurkman|12 years ago|reply
Set them up with a unique password; then, even when this situation repeats, you'll only have exposed your Comcast account (likely not that important).
[+] rikacomet|12 years ago|reply
Apparently they did more. On 8th Feb, I had these two IP addresses checking out my who.is page.

64.246.165.10

216.145.14.142

I was certainly only curious, because it was a unpublished website with deny-all for all robots., so tried a reverse-ip using Who.is; To my surprise, the who.is page for the above two I.P. didn't load, thought it was maybe my connection, but then, when I used Whois.net to end up with the same result, I knew something was going on.

It was only after I googled the I.P address I found some dutch reverse I.P sites that said it was from comcast servers. Though I have nothing worth hiding, and it was just a testing ground for me, this was apparently not nice. I only got to know about the hack yesterday.

Perhaps they bulk collected data, using comcast servers?

[+] dangrossman|12 years ago|reply
Those IPs have nothing to do with Comcast; they're not owned, hosted by or routed through Comcast. They both resolve to whois.sc -- a whois lookup site; indexing whois records is what they do.

    # nslookup 64.246.165.10
    10.165.246.64.in-addr.arpa      name = www.whois.sc.

    # nslookup 216.145.14.142
    142.14.145.216.in-addr.arpa     name = www.whois.sc.
[+] TrainedMonkey|12 years ago|reply
Can someone confirm exposure level? From article it seems only comcast email and forum servers were hacked.

Comcast user here, wondering if I need to change comcast account password.

[+] schnable|12 years ago|reply
Your master email account is that same as account that is used to sign into their billing system. So yes you are exposed.
[+] thezilch|12 years ago|reply
Just do it; assume the worst; save yourself real trouble.