Slashdot Mirror

← Back to Stories (view on slashdot.org)

Social Search Reveals 700 Comcast Customer Logins

Posted by samzenpus on from the easiest-password-to-remember dept.

nandemoari writes "When educational technology specialist Kevin Andreyo recently read a report on people search engines, he decided to conduct a little 'people search' on himself. Andreyo did not expect to find much — so, imagine the surprise when he uncovered the user name and password to his Comcast Internet account, put out there for the entire online world to see. In addition to his personal information, Andreyo also discovered a list that exposed the user names and passwords of (what he believed) to be 8,000 other Comcast customers. Andreyo immediately contacted both Comcast and the FBI, hoping to find the ones responsible for divulging such personal information to the public. While the list is no longer available online, analysts fear that the document still lives on in various cache and online history services."

3 of 158 comments (clear)

  1. Not the first time by Anonymous Coward · · Score: 5, Informative

    I worked for comcast about 8 years ago and at the time they had a Remedy test account they used for various stuff. One day I decided to login to the ftp using the remedy account and sitting there was a year old file with every subscriber's login and password. And since the ftp site was the account's web site home folder, these were just sitting there available to everyone.

  2. Re:Aggressive Social Sites by z0idberg · · Score: 4, Informative

    You're not understanding the issue. Yes facebook etc. ask for your email password to get your contact list, but the issue the OP is talking about (though who knows if its true given its an AC who cant recall the original site) is that the site tries to use your supplied email address and the password you use *for that particular site* to try and login to your email account and get your contact list. So you aren't prompted for your gmail/yahoo/hotmail password. They just try to login to your email using your supplied email address and the password for that site. Sneaky given most(?) people use the same password across a wide range of places.

  3. Re:While the list is no longer available online by poopdeville · · Score: 5, Informative

    It is.

    http://66.218.69.11/search/cache?ei=UTF-8&p=%22ComCast+Mail%22++Kevin+Andreyo&fr=yfp-t-501&u=www.scribd.com/doc/9723141/ComCast-Mail&w=%22comcast+mail%22+kevin+andreyo&d=ZjZ_Sp2uSYep&icp=1&.intl=us

    Took about a minute to find.

    --
    After all, I am strangely colored.