Hot on HuffPost Tech:

See More Stories
AOL Tech

Passwords Compromised for Thousands of Comcast Subscribers

Kevin Andreyo, an education technology specialist in Reading, PA, came across a startling discovery Monday after vetting himself on the search engine Pipl. Inspired by the PCWorld article "People Search Engines: They know Your Dark Secrets . . . And Tell Anyone," Andreyo searched his e-mail address and found a list that included his Comcast username and password, as well as those for 8,000 other Comcast subscribers. The list, which appeared on the document-sharing Web site Scribd, had been up for two months, garnering 345 views and 27 downloads.

Mr. Andreyo alerted Comcast and the F.B.I. about the presence of the document, and it was removed Monday afternoon. Similar to the rest of us, Mr. Andreyo expressed concern in an interview with the New York Times that it "isn't just my password for Comcast, it's my password for everything that's not tied to my credit card."

Comcast diverted blame and said the list may have appeared as a result of a phishing scheme, although Mr. Andreyo doubts that he fell victim to such a scam. Jennifer Khoury, a spokeswoman for Comcast, said, "We have no reason to believe this came from Comcast. It looks like a phishing or related type of scheme." Ms. Khoury assured subscribers that the compromised e-mail addresses would be frozen, and that the company would offer advice about safe passwords and the use of McAfee Security Suite, anti-virus software that is available for free to all Comcast subscribers. [From: The New York Times]

Update: Brad Stone updated his New York Times bit blog today after a follow-up e-mail from Jennifer Khoury. According to Ms. Khoury, information for only 700 Comcast subscribers, not 8,000, was included in the document posted on Scribd. The remaining data on the list consisted of duplicate names, inactive accounts, or people who weren't actually customers.

Seven Security Breaches

    45 Million Card Numbers Stolen from TJ Maxx and Marshall's
    TJX Companies Inc., the umbrella corporation of TJ Maxx and Marshall's, was taken for over 45 million card numbers between 2004 and 2007. So much for those alleged TJ Maxx bargains.

    Getty Images

    Thieves Snag 4.2 Million Credit Card Numbers from Supermarket Chain
    Sometime between December, 2007 and February, 2008, data thieves -- infiltrating the credit card authorization system of Hannaford Brothers and Sweetbay grocery stores -- managed to obtain the information of 4.2 million cards. Close to 2,000 cases of fraud were reported.

    17 New Yorkers Busted for ID Theft and Money Laundering
    Back in 2007, the New York-based company Western Express International was found to be a powerful credit-card harvesting operation, responsible for trafficking 95,000 stolen card numbers. Seventeen employees were indicted.

    More Than Four Million Health Records Breached in 2008
    According to research firm DataLoss DB, 4.07 million individuals had their healthcare records compromised last year. We know at least two of them belonged to Britney Spears and Farrah Fawcett, and were sold by a California hospital worker.

    Getty Images

    CardSystems Solutions Taken for 40 Million Accounts
    Having snuck past the security systems of CardSystems Solutions, data thieves compromised around 40 million card accounts in 2005. No word on whether or not the company has considered changing the name to CardSystems Problems.

    Hackers Who Stole Credit Card Numbers from Dave & Buster's Arrested
    Last year, the Justice Department busted an international ring of hackers who had stolen an untold number of credit card numbers from the Dave & Buster's restaurant chain by installing software on the company's national servers. Reported losses were well in excess of $600,000.

    11 Arrested in Theft of 41 Million Credit Card Numbers
    In August of last year, Federal prosecutors charged 11 thieves in the U.S.A., former Soviet states and China with stealing 41 million credit cards' information. A Miami man, Albert Gonzalez, was charged as the group's mastermind.

Related Stories:

Tags: breaking news, BreakingNews, comcast, hacking, password compromised, password protection, PasswordCompromised, PasswordProtection, pipl, scribd, security, top



Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.