Comcast bug made it shockingly easy to steal customers’ Wi-Fi passwords

By Jon Brodkin

Enlarge (credit: Comcast)

A security hole in a Comcast service-activation website allowed anyone to obtain a customer’s Wi-Fi network name and password by entering the customer’s account number and a partial street address, ZDNet reported yesterday.

Advertisement


The problem would have let attackers “rename Wi-Fi network names and passwords, temporarily locking users out” of their home networks, ZDNet wrote. Obviously, an attacker could also use a Wi-Fi network name and password to log into an unsuspecting Comcast customer’s home network.

Shortly after ZDNet’s story was published, Comcast disabled the website feature that was leaking Wi-Fi passwords. “Within hours of learning of this issue, we shut it down,” Comcast told ZDNet and Ars. “We are conducting a thorough investigation and will take all necessary steps to ensure that this doesn’t happen again.”

Read 10 remaining paragraphs | Comments

Source:: Ars Tecnica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or perhaps you need web hosting for a mere $5.95/month?.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Advertisement