Apparently, Comcast has allowed several of its customer accounts to be hijacked in this manner, allowing fraudsters to ratchet up a sizable credit card bill. The report explains that Comcast doesn't prompt users to create a unique PIN, which it apparently does to make people's lives easier. When reporters contacted the company, it said that it was working on a fix for the PIN-based solution.
In a statement sent to Engadget, a Comcast representative said that "We have already implemented a solution that provides additional safeguards around our porting process, and we're working aggressively towards a PIN-based solution."
As usual, the advice to everyone is to not reuse passwords, keep things switched up on the regular and make sure critical accounts are secure. And hope that Comcast can afford to hire someone who knows a thing or two about passwords, like any pre-schooler who built their own pillow fort.
Updated March 1st, 8:43 to include statement from Comcast.