Xfinity by Comcast reports a data breach following a cyberattack that took use of the CitrixBleed vulnerability.
By taking use of this vulnerability, threat actors were able to take over active authenticated connections and get around multifactor authentication and other stringent authentication regulations.
The security company Mandiant saw threat actors taking control of sessions in which the threat actor used session data that had been taken prior to the patch being deployed.
The business discovered that hashed passwords and usernames are among the different client data that is exposed.
TPRM report: https://scoringcyber.rankiteo.com/company/comcast
"id": "com152251223",
"linkid": "comcast",
"type": "Breach",
"date": "12/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Telecommunications',
'name': 'Xfinity by Comcast',
'type': 'Telecommunications'}],
'attack_vector': 'CitrixBleed vulnerability',
'data_breach': {'type_of_data_compromised': ['Hashed passwords', 'Usernames']},
'description': 'Xfinity by Comcast reports a data breach following a '
'cyberattack that took use of the CitrixBleed vulnerability. '
'By taking use of this vulnerability, threat actors were able '
'to take over active authenticated connections and get around '
'multifactor authentication and other stringent authentication '
'regulations. The security company Mandiant saw threat actors '
'taking control of sessions in which the threat actor used '
'session data that had been taken prior to the patch being '
'deployed. The business discovered that hashed passwords and '
'usernames are among the different client data that is '
'exposed.',
'impact': {'data_compromised': ['Hashed passwords', 'Usernames']},
'response': {'third_party_assistance': ['Mandiant']},
'title': 'Xfinity by Comcast Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'CitrixBleed'}