Comcast customers on Monday learned that their personal data — like hashed passwords, contact details, birthdates, and the last four digits of social security numbers — had been exposed in a massive data breach. Comcast said it detected the breach on October 25, 2023.
“We promptly patched and mitigated the vulnerability. We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” Comcast told Cord Cutters News.
Finding out that you might have been impacted by a data breach is incredibly stressful. With so much of our lives being online, the chance of our personal data being compromised in a breach could result in far-reaching damage.
Just as there isn’t a foolproof way to protect yourself from an attack, there’s no way to 100% ensure your safety if your data is part of a breach. All the same, the action you take after being notified can make a difference.
Time is also a huge factor in the wake of a data breach. Comcast said it required its customers to reset their passwords and recommended turning on multi-factor authentication. Since the company detected the breach in October and notified customers in December, customers should act quickly.
When it comes to passwords, you might have to change more than just the password you used for your Comcast account. If you use the same password for multiple services, it’s likely that all of those accounts are now vulnerable.
If having different passwords for a multitude of services sounds like a headache, try a using a password manager. The apps keep track of all your login information and can generate strong, random passwords for your accounts.
Two-factor, or multi-factor, authentication can add another layer of security to your accounts. This can look like text-message verification or a code via email or an authentication app.
It’s also wise to monitor your accounts — particularly your bank account and other services tied to a payment method — after a data breach. Watch for any suspicious activity, log-in attempts, or purchases that you didn’t make. That goes for accounts you don’t use anymore either. Rule of thumb — if you’re not using the account anymore, delete it.
As technology continues to evolve, so do cybercriminal tactics. It will only become more important to be mindful of your digital footprint.