Xfinity irresponsibly used 0000 as its default PIN; a hacker stole a customer's phone number and bought a Mac


In the latest case of consumers affected by security lapses at technology companies, it was found that Comcast's Xfinity Mobile wireless service set customers' PINs to 0000 by default. According to The Washington Post (via The Verge), one user whose phone number was stolen because of Xfinity's weak default PIN even saw a hacker buy an Apple computer with his credit card.

In this case, the hacker was able to use the credit card associated with the victim's Xfinity Mobile account, which remained on file after the phone number was stolen. Comcast confirmed this story to The Washington Post.

The hacked user, from California, told the Post that his phone number was hijacked and transferred to a new account, with his credit card still attached to the new phone. The hacker then used the card to buy a new Apple computer in Georgia.

The Verge notes that once a number has been transferred to another carrier, Xfinity Mobile probably no longer has the power to help the victims.

On the Xfinity forums, a user who said that his number had been transferred indicated that Comcast had asked him to file a police report, but that the company had not helped him recover the number, probably because it was already with another carrier that Comcast had no control over. Another user pointed out that two-factor authentication would not help in this case, as it would not prevent a hacker from transferring the number.

It's unclear how many users have had their phone numbers stolen because of this oversight, but Comcast says the number is "very small."

"We are aware of the very small number of customers affected by this problem, but even a customer affected by this problem is a customer too," a Comcast spokesperson told The Verge. The company added that it has increased security for transferring phone numbers to new accounts and "is aggressively working to find a PIN solution." It is also reaching out to the affected customers to help them resolve the problem on a case-by-case basis.

However, the question that remains unanswered is why Xfinity Mobile used 0000 as the default PIN for customers in the first place.

At the end of last year, Kanye West accidentally revealed that he had used a similar password, 000000, for his iPhone.
