If you are a customer of Comcast‘s internet service, you might just want to go change your password.
It looks like a phishing attack left the usernames and passwords of about 4,000 Comcast customers exposed on the web – for more than two months.
The breech was discovered when Kevin Andreyo, an technology specialist in Pennsylvania and professor at Wilkes University, stumbles upon the huge list Monday on Scribd, a document-sharing Web site.
Andreyo had been looking over a PC World piece called “People Search Engines: They Know Your Dark Secrets… And Tell Anyone,” when he decided he would try to find out what information about him could be found online.
He used the people search engine Pipl and found 4 results, one of which was the list on Scribd.
The list also included his password. Scribd’s tracking system showed that the database had been seen more than 345 times and was downloaded 27 times.
Comcast is currently looking into the matter and they have stated the the list most likely did not come from someone on the inside, pointing to a lack of structured information like account numbers.
“We have no reason to believe this came from Comcast. It looks like a phishing or related type of scheme,” said Jennifer Khoury, a Comcast spokeswoman.
Get Blippitt via RSS feed, Facebook, Twitter, Google+,
and be sure to get our Daily Email Broadcast.
