Latest in Gear

Image credit: SOPA Images via Getty Images

Xfinity Mobile PINs were left as '0000' by default

In the cases where fraudsters got access to people's data, they went wild.
178 Shares
Share
Tweet
Share
Save
SOPA Images via Getty Images

Sponsored Links

Comcast is a media and telecoms conglomerate that made close to $28 billion in the last three months of 2018. You would think that a company of that size, and wealth, would be able to avoid a security blunder akin to making all default passwords "password." Alas, according to The Washington Post, the company allowed its customers Xfinity Mobile accounts to be hijacked because the default PIN was... "0000."

Apparently, Comcast has allowed several of its customer accounts to be hijacked in this manner, allowing fraudsters to ratchet up a sizable credit card bill. The report explains that Comcast doesn't prompt users to create a unique PIN, which it apparently does to make people's lives easier. When reporters contacted the company, it said that it was working on a fix for the PIN-based solution.

In a statement sent to Engadget, a Comcast representative said that "We have already implemented a solution that provides additional safeguards around our porting process, and we're working aggressively towards a PIN-based solution."

As usual, the advice to everyone is to not reuse passwords, keep things switched up on the regular and make sure critical accounts are secure. And hope that Comcast can afford to hire someone who knows a thing or two about passwords, like any pre-schooler who built their own pillow fort.

Updated March 1st, 8:43 to include statement from Comcast.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
178 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
California governor signs labor law meant to fix the gig economy

California governor signs labor law meant to fix the gig economy

View
India effectively bans e-cigarettes

India effectively bans e-cigarettes

View
What’s coming to Netflix in October: The 'Breaking Bad' movie

What’s coming to Netflix in October: The 'Breaking Bad' movie

View
Lamborghini’s crazy looking hybrid is more interesting under the hood

Lamborghini’s crazy looking hybrid is more interesting under the hood

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr