This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
08/10/2018
Flaw exposed Comcast Xfinity customers’ partial home addresses and SSNs
The State of Security
Poor security measures have reportedly put the personal details of Comcast Xfinity customers at risk, a researcher has revealed.
According to a BuzzFeed News report, security researcher Ryan Stevenson found a vulnerability in the high-speed ISP’s online customer portal that could allow unauthorised parties to determine the partial home address of customers.
The flaw was found in the “in-home authentication” webpage that customers could use to access their Comcast Xfinity bills without the hassle of logging in.
In-home authentication (also known as Home-Based Authentication, HBA, or IP authentication) is supposed to reduce the friction for customer attempting to access their accounts and reduce the number of password resets requested.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information