UPDATED 14:23 EST / DECEMBER 19 2023

SECURITY

Comcast’s Xfinity unit and Insomniac Games experience large-scale data breaches

Comcast Corp.’s Xfinity subsidiary and video game developer Insomniac Games Inc. have both experienced large-scale data breaches that each compromised more than 1 million records.

The cyberattack against Xfinity was disclosed on Monday and saw hackers steal millions of customers’ account details. The Insomnia breach, in turn, first came to light last Tuesday. Today, the ransomware group behind the reach leaked more than 1 million files related to the company’s video game development roadmap.

Xfinity provides cable television and internet subscriptions to consumers. It disclosed in a regulatory filing that hackers have compromised the usernames and hashed, or scrambled, passwords of 35.8 million customers. That amounts to most or all of Xfinity’s installed base.

According to the Comcast unit, the hackers also gained access to some customers’ names, dates of birth, contact information and the last four digits of their Social Security numbers. Furthermore, Xfinity believes that the breach compromised some users’ secret login verification questions as well as their answers.

The hackers carried out the cyberattack using a vulnerability called CitrixBleed that affects Citrix Systems Inc.’s Citrix Gateway product. It’s a networking platform that allows employees to remotely log into their company’s work applications via virtual private network, or VPN, connections. The product is also commonly used to power virtual desktop environments.

The CitrixBleed vulnerability that the cyberattack used has received a severity score of 9.4 out of a maximum 10 on the widely-used CVE risk scale. The vulnerability facilitates the creation of buffer overflows, a type of error that makes it possible to overwrite sensitive parts of an application with malware. The hackers behind the Xfinity breach used CitrixBleed to access the Comcast unit’s customer dataset.

Citrix first released a patch for the vulnerability in late August. Xfinity says it discovered the breach two months later. According to the Comcast unit, its engineers discovered that the hackers gained access to customer information last month and a “data analysis” designed to map out the full scope of the hack is still ongoing. This raises the possibility the breach may prove out to have compromised more data than currently believed.

To protect affected customers from potential cyberattacks, Xfinity has reset their passwords. It’s also recommending that they implement multifactor authentication.

On the heels of Xfinity’s Monday breach disclosure, a cybercrime group this morning leaked internal files from Insomniac Games. Burbank, California-based Insomniac develops a series of video games based on popular comics. It’s a subsidiary of Sony Corp., which also experienced a breach earlier this year in which hackers stole data belonging to several thousand employees.

The ransomware group that carried out the hack of Insomniac Games is reportedly known as Rhysida and is said to be financially motivated. It disclosed the cyberattack on Dec. 12. At the time, the group offered to sell the stolen data for 50 bitcoins or about $2 million.

The hackers stole a 1.67-terabyte dataset comprising about 1.3 million files. Those files include information about several upcoming Insomniac games, including at least one set to release in 2033, along with related technical assets. The hackers also gained other data including information on Insomniac’s development and marketing budgets.

Image: Unsplash

 


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU