// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
Breach Record

Xfinity

DISCLOSED 2023-12-19 · UNPATCHED CVE · 36,000,000 RECORDS EXPOSED

Hackers exploited the Citrix Bleed vulnerability to access Xfinity customer data. Approximately 36 million customers had their names, contact information, and birth dates stolen. The breach was disclosed on December 19, 2023.

The record

What we know

Disclosed
2023-12-19
Attack vector
Unpatched Cve
Sector
telecommunications
Country
US
Records exposed
36,000,000
Domain
xfinity.com
Data classes exposed
namescontact infobirth dates
Sources

Cited reporting

Similar vector · recent

Other unpatched cve breaches on file

This page is the permanent ColdRecon entry for the Xfinity disclosure. It updates if new public reporting emerges. All tracked breaches →

Xfinity just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →