Latest in Gear

Image credit:

Xfinity Mobile PINs were left as '0000' by default

In the cases where fraudsters got access to people's data, they went wild.
Share
Tweet
Share
SOPA Images via Getty Images

Sponsored Links

Comcast is a media and telecoms conglomerate that made close to $28 billion in the last three months of 2018. You would think that a company of that size, and wealth, would be able to avoid a security blunder akin to making all default passwords "password." Alas, according to The Washington Post, the company allowed its customers Xfinity Mobile accounts to be hijacked because the default PIN was... "0000."

Apparently, Comcast has allowed several of its customer accounts to be hijacked in this manner, allowing fraudsters to ratchet up a sizable credit card bill. The report explains that Comcast doesn't prompt users to create a unique PIN, which it apparently does to make people's lives easier. When reporters contacted the company, it said that it was working on a fix for the PIN-based solution.

In a statement sent to Engadget, a Comcast representative said that "We have already implemented a solution that provides additional safeguards around our porting process, and we're working aggressively towards a PIN-based solution."

As usual, the advice to everyone is to not reuse passwords, keep things switched up on the regular and make sure critical accounts are secure. And hope that Comcast can afford to hire someone who knows a thing or two about passwords, like any pre-schooler who built their own pillow fort.

Updated March 1st, 8:43 to include statement from Comcast.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Google is testing a way to activate Assistant without wake words

Google is testing a way to activate Assistant without wake words

View
Google Fi's phone subscription gets you a Pixel 4a for just $15 per month

Google Fi's phone subscription gets you a Pixel 4a for just $15 per month

View
NASA shares first images from OSIRIS-REx's touchdown on Bennu

NASA shares first images from OSIRIS-REx's touchdown on Bennu

View
California Uber drivers sue company over Prop 22 app notifications

California Uber drivers sue company over Prop 22 app notifications

View
Jabra's ANC update for the Elite 75t earbuds is now available

Jabra's ANC update for the Elite 75t earbuds is now available

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr