A hacking group by the name of NullCrew FTS has wreaked havoc today on Comcast servers. The company provides cable television, telephone service, broadband internet to customers in 40 states, and happens to be the largest cable company and home ISP in the U.S. It goes without saying that millions of people use Comcast’s various services, people who trust the company with their data, which now may potentially be at risk. The group has hacked into 34 Comcast mail services, and according to them, all fell to one single exploit.
The exploit is claimed to have been used in accessing Zimbra LDAP and MySQL databases which contain user accounts and passwords. NullCrew FTS posted a list of what they had gained access to on Pastebin earlier today, but it has since been removed. All Comcast ISP users have a master account that can be accessed through Zimbra webmail to check payment information, account creation, e-mail settings and even services that can be purchased from the company. Even if a customer doesn’t use Comcast’s webmail service they have a master account. Its possible that the hacking group might have got their hands on user passwords as well as emails, so if you happened to use the same password across different online services, its best that you go ahead and change it right away.