Latest in Gear

Image credit: SOPA Images via Getty Images

Xfinity Mobile PINs were left as '0000' by default

In the cases where fraudsters got access to people's data, they went wild.
178 Shares
Share
Tweet
Share
Save
SOPA Images via Getty Images

Sponsored Links

Comcast is a media and telecoms conglomerate that made close to $28 billion in the last three months of 2018. You would think that a company of that size, and wealth, would be able to avoid a security blunder akin to making all default passwords "password." Alas, according to The Washington Post, the company allowed its customers Xfinity Mobile accounts to be hijacked because the default PIN was... "0000."

Apparently, Comcast has allowed several of its customer accounts to be hijacked in this manner, allowing fraudsters to ratchet up a sizable credit card bill. The report explains that Comcast doesn't prompt users to create a unique PIN, which it apparently does to make people's lives easier. When reporters contacted the company, it said that it was working on a fix for the PIN-based solution.

In a statement sent to Engadget, a Comcast representative said that "We have already implemented a solution that provides additional safeguards around our porting process, and we're working aggressively towards a PIN-based solution."

As usual, the advice to everyone is to not reuse passwords, keep things switched up on the regular and make sure critical accounts are secure. And hope that Comcast can afford to hire someone who knows a thing or two about passwords, like any pre-schooler who built their own pillow fort.

Updated March 1st, 8:43 to include statement from Comcast.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
178 Shares
Share
Tweet
Share
Save

Popular on Engadget

US investigates escort and massage sites over human trafficking

US investigates escort and massage sites over human trafficking

View
Nissan envisions car-themed esports gaming chairs

Nissan envisions car-themed esports gaming chairs

View
AI can gauge the risk of dying from heart conditions

AI can gauge the risk of dying from heart conditions

View
OnePlus 7T Pro may debut on October 10th

OnePlus 7T Pro may debut on October 10th

View
'Minecraft' now has 112 million monthly players

'Minecraft' now has 112 million monthly players

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr