Image: Che Saitta-Zelterman
Quite literally, every day someone gets hacked. Whether that's a telecommunications company having its customer data stolen, or another chain of businesses being ripped for all the credit cards it processes, today one hack just seems to melt into another.That's why we're launching this new format: Another Day, Another Hack. We'll do short posts giving you what you need to know about the hack, so you can figure out whether your bank account, website logins or anything else might be at risk. Because, even if the hack might not be the most sophisticated, and as new data breaches fight for your attention, real people are still getting fucked over somewhere, and should know about it.
Someone is selling an alleged list of 590,000 Comcast customers' logins and passwords for $1,000 on a dark web forum, as first reported by CSO Online.A Comcast spokesperson told Motherboard that the data does not come from a data breach, as "there is no evidence that our systems were breached."Though Comcast doesn't know exactly where the data comes from, the spokesperson said that it was a case of harvesting credentials from other third party breaches, malware, phishing or other "external things that happen in the dark space," the spokesperson said, likely referring to the dark web."This is kind what happens in the dark space, people's information unfortunately gets compromised in a number of different ways, and then they try to sell it," the Comcast spokesperson told Motherboard in a phone call on Monday.
Advertisement
Someone is selling an alleged list of 590,000 Comcast customers' logins and passwords for $1,000 on a dark web forum, as first reported by CSO Online.A Comcast spokesperson told Motherboard that the data does not come from a data breach, as "there is no evidence that our systems were breached."Though Comcast doesn't know exactly where the data comes from, the spokesperson said that it was a case of harvesting credentials from other third party breaches, malware, phishing or other "external things that happen in the dark space," the spokesperson said, likely referring to the dark web."This is kind what happens in the dark space, people's information unfortunately gets compromised in a number of different ways, and then they try to sell it," the Comcast spokesperson told Motherboard in a phone call on Monday.
The good news is that most of those accounts were either inactive or contained wrong or false information. Only 30 percent of them were active, according to Comcast, so less than 200,000. The other good news is that Comcast already reached out to them to help the users reset their passwords, according to the spokesperson.It's unclear how the seller got his or her hands on the data, but it's likely this is data culled from other breaches occurred in the last few years, where users reuse the same password for many services.The lesson: don't reuse your passwords, and set two-factor authentication wherever you can so if your password does get compromised, hackers won't be able to get in.Another day, another hack.Image: Che Saitta-ZeltermanAnyone notice the 590K emails/plaintext passwords allegedly from Comcast being sold? flanvelNovember 7, 2015