Comcast resets 200,000 cleartext passwords that were up for sale online

Comcast has urged its customers to change their account details, after it discovered that data was being sold on the dark web. It has already reset affected cleartext passwords as a precautionary measure.

Speaking to the Chicago Tribune, the media company explained that a list of usernames and passwords belonging to 590,000 people were being offered by a cybercriminal in a hidden, online marketplace.

Subsequent analysis of this information found that approximately 200,000 customers had been compromised.

"The vast majority of the information that's out there was not accurate. We discovered that about a third of the 590,000 were accurate."

"The vast majority of the information that's out there was not accurate," a spokeswoman for Comcast told the the online news provider. "We discovered that about a third of the 590,000 were accurate."

The alleged cybercriminal, going by the name Orion, told Vulture South that he had obtained customer information two years ago when he “popped a Comcast mail server”.

Comcast has stated that the individual behind the leak did not access the information through a direct cyberattack on its system.

Instead, it reasons that the list of usernames and passwords was acquired through phishing, malware and compromised sites.

It is unlikely that anyone has had an opportunity to acquire the information, since the list was first put up for sale on the dark web.

“The marketplace ad has generated a single sale since it was posted,” noted the writer and security expert Steve Ragan recently.

“The odds are good that Comcast themselves were the customer, especially given how fast they scrubbed the list and reset the handful of exposed accounts.”

In related news, it was revealed that Spotify may have experienced a data breach last week, with up to a 1,000 users affected.

Newsweek reported that alleged victims have got in touch, claiming that their accounts have indeed been breached.

However, the music streaming service has denied that any attack has occurred. In an email to Newsweek, it said that its records remain secure.

“The compromised credentials come from a well known past leak on another service,” it explained.

"Many people use the same credentials for multiple services and we urge anyone who thinks his or her information was compromised to change passwords.”