Comcast resets passwords for 200,000 users after login credentials go on sale

Over the weekend, someone has been peddling a batch of 590,000 email address/password combinations allegedly belonging to Comcast customers. The price set for the lot was 3.23 Bitcoin (around $1,000).

The data has been offered for sale on a dark web market, and has been since snapped up by at least one buyer.

CSO’s Steve Ragan posits that the buyer might be Comcast, as the company has gotten their hands on the batch, and has investigated whether the stolen info is genuine and can be misused.

As it turned out, around a third of it is, and the company has forced a password reset on some 200,000 customer accounts. But, they say, the information hasn’t been stolen from them – they suffered no breach.

Instead, it is likely that the login credentials were phished or compromised with malware, or, most likely, compiled from previous data leaks (users used the same username/password combination on other sites).

“Similar lists of Comcast data were circulated earlier last week, and it’s possible the list being sold on the Dark Web included some, if not all of the records in that earlier list,” noted Ragan.