Comcast Xfinity Mobile Security Under Fire

March 11, 2019 12:15 pm

Threat Level: 5


Xfinity Mobile, launched by Comcast in 2017, is a service that pairs an existing network with the internet provider’s own Wi-Fi hotspots. It became so popular that by the end of 2018, 1.2 million people had subscribed. Its main perk is the same great coverage at a lower price than you’d pay with a major carrier.


When Comcast first introduced Xfinity Mobile, it let customers easily transfer their existing phone number from their previous carrier by using a quick shortcut. Every customer was given a default PIN of “0000,” which made the transition much easier for new customers. Because Comcast treated this as a PIN-less process, all a customer needed was their phone number. What the company didn’t realize was that the process was not actually PIN-less: the PIN was set to a default of “0000” that applied to all customers.


Unfortunately, making this process easier for customers also made it very easy for hijackers to steal people’s phone numbers and other important information. Once multiple customers noticed that their phone numbers were being ported without their authorization, they realized that hackers had been able to switch the numbers to their own accounts by using the generic PIN “0000.” The hackers then went on to steal even more information, which ultimately led to a dangerous threat of identity theft.


Comcast said no more than 30 of its customers were affected by this threat before the company was able to fix the problem. It believes that the majority of the people affected were those who reused the same password across multiple sites, and that this is more of an industry issue than an issue specific to Xfinity Mobile. To fix this, Comcast now requires you to supply your current address, as well as your Xfinity Mobile account number, in order to transfer your phone number. It also plans to offer a real PIN-based system to its current and future customers, for even more protection.

