US cable giant Comcast has announced that 200,000 users will need to reset their passwords after a post appeared on the dark web offering 590,000 user emails and passwords for just $1,000.
Comcast has denied that it has been hacked and said that its systems were not compromised.
There has been speculation that many of the details on the list are based on recycled information derived from phishing attacks on other substantial data breaches on other companies.
Comcast has said that 60pc of the list is based on outdated information but as a precaution it is getting 200,000 still-active users to reset their passwords.
It said that its security teams will be contacting users on a case-by-case basis.
Comcast insists it was not hacked
“We’re taking this very seriously and we’re working to get this fixed for those customers who may have been impacted, but the vast majority of information out there was invalid,” Comcast said in a statement.
The company said it will not be offering credit-monitoring services to affected customers because its systems were not actually hacked.
Either way, in getting users of 200,000 records still active out of the 590,000 records to change their passwords, Comcast is playing it safe.
According to CSO, the seller of the list offered a brief list of 112 accounts as proof and was willing to charge a going rate of $300 per 100,000 accounts but the full list for $1,000.
Comcast image via Shutterstock