Jun 252018

Zack Whittaker reports:

A little-known page on Comcast’s Xfinity website was exposing customers’ account information to anyone — or any app — on a customer’s network.

An anonymous security researcher dropped ZDNet an email, explaining that an API used by the internet giant could be tricked into returning customer data, including account numbers, a customer’s home address (which can be used to pinpoint a person’s location), account type, and any services enabled on the line, including if a home security setup is active.

Read more on ZDNet.

Sorry, the comment form is closed at this time.