Comcast UserID information Found on ScribD
Yesterday a document on Scribd, a document sharing Web site, with Comcast customers' email account passwords was brought to our attention by Kevin Andreyo and Brad Stone of the New York Times (read Brad's post here). Working quickly with Scribd we had the document removed. We analyzed it to determine how much account information it contained. The list did have 8,000 entries only about 700 of those entries were valid userIDs which were Comcast customers. What's a userID? It's an email and a password - so you might have 5 userIDs in your house if you have a family.
So what are we doing? A few things:
- We've frozen all of these accounts, and are in the process of calling each of the people impacted.
- Our engineers are reviewing our systems and there is no evidence that any Comcast systems have been breached.
- We're working with the proper authorities.
What do we think happened? Judging by the data that this file contained, and the way it was organized (which is to say there was no organization at all) it looks like this was the result of a phishing attack (which Jay Opperman covered last week on the blog).
We take this matter very seriously and want to remind you to take every safeguard you can to make sure your computer is safe from such attacks. Check out http://security.comcast.net/ for details about downloading McAfee for your Windows systems, as well as other tips for keeping yourself safe on the web.
Enter Comments
Please note that all comments on the Comcast Voices blog must follow the guidelines outlined in the blog policy. All comments will be moderated prior to appearing on the blog. This is important to prevent spam and personal attacks. If posting a comment about a specific customer service problem or personal account issue, please contact us here, or post your question to the Comcast Help & Support forums.