Tom Olzak

Is Comcast Pulling Wool?

In Business Continuity, Data Security, Insider risk, Risk Management on March 17, 2009 at 18:36

Reports of data breaches aren’t uncommon.  And explanations are typically slow in coming, but most large organizations fall on the proverbial sword and admit their security controls played a role in presenting an opportunity to the attacker.  However, the Comcast approach seems a little different… take no responsibility and blame user carelessness.

Comcast now believes a phishing or malware scam is to blame for exposing hundreds of its customers’ user names and passwords. A list containing around 8,000 names was discovered by a PC World reader this week and brought to the company’s attention.

The list, which had been posted on document sharing site Scribd, was found by Kevin Andreyo — an educational technology specialist and university professor in Reading, Pa. Andreyo read our recent report on people search engines and decided to follow its suggestions to see what kind of dirt he could dig up on himself. While detailed personal information is common to those types of searches, Andreyo never expected to come across his actual user name and password for his Internet service provider.

Source: Comcast: Exposed User Data Not From Internal Leak, PC World, 17 March 2009

This might have happened, but how can Comcast be sure? First, only 700 of the 8,000 names were current. The rest were either duplicates or old, inactive accounts. So could this account information have been phished from unsuspecting users? Absolutely. But Comcast shouldn’t stop there.

If the managers at Comcast were truly concerned, if they aren’t simply writing this off as a user-ignorance issue, they should be aggressively looking for open attack paths to the systems on which current customer information resides. That would be more productive than what they might actually be doing… trying to pull the wool over our eyes.
