Comcast, one of the largest ISP’s in the United States, has a not-so-good data leak.

Comcast is one of the biggest ISP’s in the US but the company doesn’t quite have security down to a science it would seem.  According to a ZDNet article, the company is inadvertently leaking their customer’s wifi SSID and password in plain text.  For those uninitiated, an SSID is the broadcasting name of a wifi network.  The password is, well…, the password.

Apparently, if you have an individual’s house number and customer account number, you can get a user’s login information for their router through the customer activation portal.  The information you need to initiate the activation can be found on any discarded bill.  Simply enter the house number and account number in Comcast’s online activation portal and the router information will be displayed, regardless of whether the password has been changed.

Unfortunately, there is no way to fix the problem while using the Xfinity router.  But you can fix it by using a different router and turning off Comcast’s wifi broadcast.  This isn’t an ideal solution for all but it is a more secure way to fix your network as external wifi networks would not be affected.  ZDNet did manage to put the leak to the test.  Unsurprisingly, they were able to reproduce the problem.

The major concern for Comcast customers has more to do with nuisance than anything else.  Although no major sensitive information is on display, it is still a bad idea to have unknown people accessing your network.  They could lock you out of your own network, or worse, get access to sensitive data that you share on your network.  If you are a Comcast customer who’s concerned about your data, I suggest you pick up your own router and disable Comcast’s.  Or you could lock down any private information and just keep your current router.  In any case, the data is out there until Comcast fixes the leak.  Let’s hope they act soon.