Watch CBS News

Report: Comcast Bug Could Have Exposed Your Wi-Fi Name And Password

Follow CBSPHILLY Facebook Twitter

PHILADELPHIA (CBS) -- A website Comcast uses to help customers set up internet service may have exposed customers' wi-fi names and passwords, according to a report by CNET.

ZDNet reported on May 21 that two security researchers, Karan Saini and Ryan Stevenson, found the bug. The bug can reportedly be "tricked into displaying the home address where the router is located, as well as the Wi-Fi name and password."

To access the info, ZDNet says that a person would need a customer's account ID and their house number--info easily available on a discarded bill or via email.

ZDNet says they tested out the bug with the permission of two Comcast customers and it revealed the Wi-Fi name and password in plaintext for one customer using an Xfinity router.

Meek Mill Shares Message Of Hope And How He Plans To Lead Criminal Justice Reform

"Although it's not believed the sensitive data can be used to access the router's settings, an attacker could use the information to access the Wi-Fi network within its range. On the network, an attacker could read unencrypted traffic from other users on the network," ZDNet says.

A Comcast spokesperson tells CNET  they already fixed the problem saying in a statement, "There's nothing more important than our customer's security. Within hours of learning of this issue, we shut it down."

According to CNET, if you go on to the Xfinity website, you now have to verify your username and password or a verification that will be sent to your phone.

 

 

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.