FYI @videotron.ca 2 edits
2 recommendations |
FYI
Anon
2014-Feb-6 4:42 am
[E-mail] Comcast Mail servers hacked34 Comcast mail servers are victims to one exploit. Not known if more than 34 servers were hacked. NullCrew claims hack of Comcast mail servers » www.databreaches.net/nul ··· servers/"NullCrew did not dump any customer data in the paste." Another article on it (ZDnet) claims passwords were also dumped. But I did not notice this in the data dump that I saw (I *think* they withheld that part of the data from the dump). However, the exploit and the exploited servers were all posted online. Apparently Comcast took the mail servers down last night for a fix. It may be wise to change Email passwords in case some other group or people went exploring with the info given on how to exploit Comcast and got your passwords. Just an FYI and a heads up. See also ---> » UPDATE on COMCAST EMAIL HACK - READ THIS!» [E-mail] Email issue not being resolved. Looking for suggestions.... |
|
mediaguyPolitically Incorrect Premium Member join:2014-01-22 Guitar Town |
mediaguy
Premium Member
2014-Feb-6 8:18 am
[E-mail] Re: Comcast Mail servers hackedThanks for the info! Just one more reason to NOT use the Comcast mail servers, either incoming or outgoing. |
|
|
to FYI
I use Comcast SMTP server only as a smarthost but I am going to change my password asap.
Blob |
|
FYI @videotron.ca
1 recommendation |
FYI
Anon
2014-Feb-6 10:50 am
If anyone in this forums gets, or notices, a reply by Comcast in regards to this please post it, and the link if possible.
What's also important here is Comcast ignoring the data breach they have had, and not informing their valued customers. |
|
owlyn MVM join:2004-06-05 Newtown, PA |
owlyn
MVM
2014-Feb-6 11:36 am
Thanks to this thread, I changed my PWs earlier this morning.
Further research indicates it may have been their internal email that was hacked. |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P
|
to FYI
said by FYI :NullCrew claims hack of Comcast mail servers NullCrew also claims, "Zimbra sucks, didnt you know?" Fascinating, considering that Zimbra was once a Yahoo! property, and Yahoo! has had several breaches of email security. (In all fairness, Yahoo! sold Zimnbra to VMware, which later sold it to Telligent Systems.) |
|
1 recommendation |
to FYI
|
|
|
anonomeX to FYI
Anon
2014-Feb-6 1:10 pm
to FYI
I have an account. The account has a default email address (username@...) associated with it, as well as the account password--which is not specific to email. So, is this supposed "hack" related to primary account/email data/passwords? or to secondary email addresses/passwords attached to an account? (or both) That's what I wonder about... |
|
|
FYI @videotron.ca |
FYI
Anon
2014-Feb-6 4:09 pm
@anonomeX, who knows. Comcast doesn't care enough to even state anything.
Maybe all their servers are still owned. We just don't know. Not like they cared enough to addressed anyone's concerns or make a statement in regards to the hack.
Best to assume it's all still vulnerable and non-secure till they address it and inform people their accounts are safe. |
|
your moderator at work
hidden :
|
|
to FYI
Re: [E-mail] Comcast Mail servers hackedI don't understand why giant companies like Comcast do not communicate a lick of anything when stuff like this happens.
I remember when I used to live in Canada, a small isp by the name of TekSavvy would send you emails well in advance -before any downtimes for server upgrades or whatever. I always appreciated a heads up. One of the things I took for granted. |
|
|
said by kungFUchimp:I don't understand why giant companies like Comcast do not communicate a lick of anything when stuff like this happens. Finally, an official response/comment from Comcast: Comcast: No Evidence That Personal Sub Info Obtained By Mail Server Hack Were Aware Of The Situation And Are Aggressively Investigating It, MSO SaysBy Jeff Baumgartner, Multichannel News - February 7, 2014 » www.multichannel.com/dis ··· k/148169quote: Comcast said it is investigating a claim by a hacker group that claims to have broken into a batch of the MSO email servers, but believes that no personal subscriber data was obtained as a result.
Were aware of the situation and are aggressively investigating it, a Comcast spokesman said. We take our customers privacy and security very seriously and we currently have no evidence to suggest any personal customer information was obtained in this incident.
|
|
FYI @videotron.ca |
FYI
Anon
2014-Feb-8 12:01 am
said by telcodad:Finally, an official response/comment from Comcast:
Comcast: No Evidence That Personal Sub Info Obtained By Mail Server Hack ... It will be lots of mud in their face if this hacktivist group releases more info in another data dump. But then again, this doesn't appear to be their style, though they may release some to prove a point. Like they just did with Bell Canada. At around 10-am this morning from this group: LOL @comcast put their servers back up and they're STILL vuln. They must really care about their customers privacy.It's almost as if comcast is taunting them by saying, "prove you took more info than what was in the data dump. Till then we are not even telling our customers to change passwords". Don't know how smart of a move that is. |
|
|
Auth_Server
Anon
2014-Feb-8 1:59 am
said by FYI :t's almost as if comcast is taunting them by saying, "prove you took more info than what was in the data dump. Till then we are not even telling our customers to change passwords".
Don't know how smart of a move that is. Considering that Comcast uses the customer's email credentials to authenticate access for more than just email (VOD, Premium service videos, WiFi access, et al), it seems that it is very likely that Comcast does its authentication on a central authentication server, rather than trying to sync authentication credentials on multiple servers for multiple unrelated services. In that case, the customer authentication credentials may not even be stored on the Zimbra servers that are the subject of this thread; and if that is the case, then customer authentication credentials would not be at risk by this particular exploit. |
|
owlyn MVM join:2004-06-05 Newtown, PA Netgear CM2050V Netgear RBRE960 Netgear RBSE960
|
owlyn
MVM
2014-Feb-8 8:06 am
said by Auth_Server :Considering that Comcast uses the customer's email credentials to authenticate access for more than just email (VOD, Premium service videos, WiFi access, et al), it seems that it is very likely that Comcast does its authentication on a central authentication server, rather than trying to sync authentication credentials on multiple servers for multiple unrelated services. In that case, the customer authentication credentials may not even be stored on the Zimbra servers that are the subject of this thread; and if that is the case, then customer authentication credentials would not be at risk by this particular exploit. That is likely NOT the situation. If the authentication service goes down, then no one can get to anything. That would be a nightmare for Comcast phone centers. Plus, building something like that would require a lot of interaction between many departments at Comcast. Not something they are good at. |
|
|
Auth_Server
Anon
2014-Feb-8 11:55 am
said by owlyn:That is likely NOT the situation. If the authentication service goes down, then no one can get to anything. That would be a nightmare for Comcast phone centers. Plus, building something like that would require a lot of interaction between many departments at Comcast. Not something they are good at. Actually, a central authentication server is simpler and requires less interaction between multiple services that require authentication using the same credentials. With each service maintaining its own authentication database, you have to try to synchronize those individual databases every time a user changes their password; think of the customer service problems that would cause when a customer changed their email password, and then lost access to VOD, WiFi, et al. I don't know how Comcast handles user authentication internally, but a central authentication server is simpler than synchronizing multiple services, and is a more secure method. The fact that when you go to their webmail server at xfinityconnect.mail.comcast.net, you are actually redirected to login.comcast.net to do the authentication (and that authentication is then active for all of their services) does seem to point to their use of a central authentication service. |
|
FureverFurryRIP Daphne: 3/12/05 - 6/19/12 Premium Member join:2012-02-20 49xxx |
to FYI
Might this hack have anything to do with suddenly getting many daily "russian bride" spam emails that - as a senior citizen - I find porno? Trust me, I don't go to those kinds of websites. (Yup, I report all of the spam.) |
|
FYI @videotron.ca |
FYI
Anon
2014-Feb-8 2:42 pm
said by FureverFurry:Might this hack have anything to do with suddenly getting .... The method of the hack, the exploited servers, and so forth are now in the wild and world wide web. Comcast security would best be able to answer that question. All Comcast had to state was, "No Evidence That Personal Sub Info Obtained By Mail Server Hack". That doesn't say much. Also, does Comcast consider your Email address as "Personal Sub Info"? I don't know enough about the US to answer that. In some jurisdictions an Email address is not considered personal subscriber info. Some jurisdictions consider an Email address open to the public like your name and address in a phone book. Comcast abuse and/or security should clarify all this for you. |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA |
to FureverFurry
|
|
FureverFurryRIP Daphne: 3/12/05 - 6/19/12 Premium Member join:2012-02-20 49xxx |
I send the complete headers and email to both Comcast AND to SpamCop. |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P
|
I am a Spamcop reporter, as well. About once every third month, or so, a stray lands in an Inbox, and I use the ESP "report spam" utility; but most is consistently dumped into "Bulk Mail" (AT&T-Yahoo!), "Junk" (MSN-Outlook.com), or "Spam" (Sonic.net-other ESP) folders. |
|
your moderator at work
hidden : Other reason
|
JJ Johnson Premium Member join:2001-08-25 Fort Collins, CO |
to mediaguy
Re: [E-mail] Re: Comcast Mail servers hackedsaid by mediaguy:Thanks for the info! Just one more reason to NOT use the Comcast mail servers, either incoming or outgoing. I thought Comcast virtually required its customers to use their outgoing SMTP server by blocking the standard SMTP port 25. |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P
|
said by JJ Johnson:I thought Comcast virtually required its customers to use their outgoing SMTP server by blocking the standard SMTP port 25. A port 25 block would not affect smtp.mail.yahoo.com:465 access. |
|
train_wreckslow this bird down join:2013-10-04 Antioch, TN |
or 587 |
|
|
to JJ Johnson
Yep, because spambot code to utilize port 25 outgoing/no authentication is very small and not htat hard to hide. using 587, etc. with SSL helps to stop the bots |
|