Comcast says it wasn't hacked, but hundreds of thousands of its customers may have been, forcing the cable giant to reset passwords to email accounts of about 200,000 customers, nakedsecurity reports.
The forced password reset came after an independent security researcher spotted an ad on a Dark Web marketplace offering 590,000 Comcast subscriber email addresses and plaintext passwords for $1000 in bitcoins. A Comcast representative said the company acquired the list of email addresses and discovered that only 200,000 of them were active.
The researcher Corey Wells tweeted a link to a Pastebin post from the vendor saying Comcast hasn't reset all of the passwords, and that "many of them still work just fine." However, the sale price of the Comcast data had been dropped to $200.