23 May Comcast Caught Leaking Passwords of Xfinity Routers
It was revealed earlier this week that US telco giant Comcast had reportedly exposed the passwords of customers using Xfinity-provided wireless routers in plaintext online.
According to the security researchers who reported the issue, anyone with the customer’s account number and street address number, which can easily be found on a paper bill or in an email, can access the customer’s router’s SSID and password. This can give attackers full control of the router and carry out activities like monitor internet traffic, rename the router’s network, or change its password.
Comcast took the down the service a few hours after learning of the issue and said that they will be conducting a thorough investigation, as well as the necessary steps to ensure that the incident does not happen again.