The New York Times has reported that a list of over 8,000 Comcast user name and passwords were available to the public via Scribd for two months, before a Wilkes University professor discovered it over the weekend after doing a search for his identity online. The man who discovered it, Mr. Andreyo, was reading a recent article in PC World entitled “People Search Engines: They Know Your Dark Secrets… And Tell Anyone,” when he was inspired to find out what information about him was online. He searched for his own e-mail address on the search engine Pipl.
Comcast said it did not believe the information came from inside the company, pointing to duplicated data on the list and the lack of structured information like account numbers. “We have no reason to believe this came from Comcast. It looks like a phishing or related type of scheme,” said Jennifer Khoury, a Comcast spokeswoman. (Asked about this possibility earlier today, Mr. Andreyo said that he doubted he was ever the victim of a phishing scheme.). Comcast also says the list of exposed customer IDs is closer to 4,000, given duplicates on the list.
Comcast said it did not believe the information came from inside the company, pointing to duplicated data on the list and the lack of structured information like account numbers. “We have no reason to believe this came from Comcast. It looks like a phishing or related type of scheme,” said Jennifer Khoury, a Comcast spokeswoman. (Asked about this possibility earlier today, Mr. Andreyo said that he doubted he was ever the victim of a phishing scheme.). Comcast also says the list of exposed customer IDs is closer to 4,000, given duplicates on the list.