Comcast feeling downcast?

Lots of people google themselves just to see what comes up. Recently, Kevin Andreyo, a professor in Reading, Pennsylvania, looked himself up using a people search engine. Instead of the anticipated dirt he expected to uncover about himself, he found a list of around 8,000 Comcast subscriber user names along with their passwords. After he contacted both Comcast and the FBI, that document can no longer be found online – except in cache and in online history services. The threat was made worse because the list was posted for at least two months before it was taken down.   

JR Raphael’s PC World article, "Comcast: Exposted User Data Not From Internal Leak" indicates that in those two months, almost 350 viewed it and some had gone so far as to download it to their PCs. I don’t think many people would disagree with Andreyo when he says, “I was surprised that, of all the people who had previously viewed it, no one thought to say, ‘Hey, take this down. This is private information.’”

The breach is not believed to have originated from an internal Comcast leak, but instead likely resulted from a phishing attack. If Comcast is correct, they estimate that “only” 700 of the 8,000 names are currently active. Personally, I think that’s 700 customers too many. This is just another reminder that we have to remain hyper-vigilant when it comes to keeping an eye on our data on the Internet - and also taking the time out – as Andreyo did – to report any security violations we uncover.