The last few months have been rough for Comcast.
The cable TV company is facing another class action lawsuit following a massive data beach in December that exposed its customers’ personal data — likely including hashed passwords, contact details, the last four digits of social security numbers, and birth dates.
Following its detection of the breach, Comcast said it “promptly patched and mitigated the vulnerability.”
Plaintiff Raymond Goodrow accuses Comcast of failing to adequately secure and protect personally identifiable information during the breach, according to the lawsuit, obtained by Top Class Actions. Goodrow went on to argue that Comcast had the resources “take seriously the ‘obligation’” to keep its users’ information safe, but “failed to invest the time or resources necessary” to do so.
Citrix, one of Comcast Xfinity’s software providers, is also named as a defendant in the suit. In October, Citrix said it had experienced a vulnerability in one of its products used by Xfinity customers and other companies. According to the report, Goodrow accuses the software provider along with Comcast of unjust enrichment, as well as breach of implied contract and negligence.
Prior to Goodrow’s lawsuit, Comcast faced three others in December. The trio of respective filings all accused the cable provider of not properly protecting its users’ personal information.
Comcast declined to comment.