Comcast usernames found on file-sharing site

Share this content:

Comcast is doing some clean-up work this week on a recently discovered data breach.

An initial list of 8,000 Comcast usernames and passwords was unearthed over the weekend on the document-sharing Web site Scribd. Comcast was alerted to the list Monday and immediately had it pulled down for analysis, said Charlie Douglas, director of communications for Comcast's high-speed Internet product. The company is now working with “the proper authorities” to investigate the leak.

After some analysis of the list, Comcast has declared that the actual number of legitimate names and passwords on the list is closer to 700 — the others are expired, repeats or otherwise unusable. The “lack of structured information” in the online list has led Comcast to point fingers at phishing scams or bots.

“We have no reason to believe that it [the list] is from within Comcast,” Douglas said. “The document in that initial analysis looked like jumbled data collected from a phishing scam or bot or some kind of machine. The list was full of duplicative or erroneous information, so that suggested to us that it was not a polished document.”

Since Monday, Comcast has been contacting by telephone customers whose usernames were identified on the list. The calls are to walk customers through a step-by-step process for creating safe passwords and downloading McAfee Security software — which is offered for free to all Comcast customers. The company is also freezing the e-mail accounts of customers on the Scribd list.

“This sort of thing happens all the time on the Internet,” noted Douglas, “and people have to be vigilant. These kinds of attacks happen, and we fight them, and we have a dedicated team to do that. Our director of security gives radio tours, and we did a satellite media tour around safe shopping at the holidays, and we will probably do another one.”

Comcast maintains a security site at, which contains information on indentifying and avoiding phishing attacks, choosing strong passwords and other online safety measures.

The New York Times has reported that the list was up on the site, unprotected, for two months before being discovered and taken down. The paper also said that the list had been viewed close to 350 times and downloaded 27 times. Douglas said Comcast had received no customer complaints or reports of the data being misused.


Next Article in Email Marketing

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above