Comcast (NASDAQ: CMCSA) said it is securing around 200,000 customer email accounts after passwords for the accounts showed up over the weekend on a Dark Web marketplace.
As first reported by CSO, a Dark Web seller claims to have obtained 595,000 compromised accounts and was selling blocks of 100,000 for $300.
A Comcast rep told FierceCable that only around 200,000 of the accounts were active. Comcast added that it is in the process of changing passwords for each account. The addresses were likely obtained, the rep said, through the "online activities" of customers -- things that would subject them to phishing scams and malware attacks. The rep insisted that Comcast's own servers have not been successfully hacked.
The breach follows an agreement by Cox Communications to pay $595,000 in fines to the FCC after the agency found that the cable company didn't provide the level of security needed to stop a 2014 security breach, which also involved sensitive user data for hundreds of thousands of customers.
According to the FCC, a hacker identifying himself as EvilJordie masqueraded as a Cox tech employee and successfully convinced a company customer service rep and a Cox contractor to give up authentication keys that unlocked the sensitive customer data.
This data included customer names, physical addresses, email address, security questions/answers, PINs, and in some cases, Social Security and drivers' license numbers. EvilJordie shared some of the stolen information on social media sites, the FCC said, and also dispersed some of it among members of his hacking group, the Lizard Squad.
As CSO noted, many of the individuals commenting on the list of compromised Comcast customer names accused the seller of peddling "recycled" information, meaning the data could have been illegally obtained earlier. A similar list had circulated around the Dark Web earlier in the week.
Cox pays $595K to settle FCC complaint over 'Lizard Squad' security breach
Charter's Rutledge: TVE password sharing is no joke
DSL routers prone to remote hacking, says Carnegie Mellon University CERT report