Comcast Used '0000' as Default PIN for Xfinity Mobile Customers, Leaving Them Vulnerable to Hacking

Comcast's Xfinity Mobile service used "0000" as a default PIN for all of its mobile customers, which left them vulnerable to hacking attempts, identity theft, and more.

Comcast's decision to use simple default PINs for all of its customers came to light in a "Help Desk" article from The Washington Post included one Comcast customer's tech horror story.

xfinitymobilelogo
Larry Whitted, an Xfinity Customer in California, had someone hijack his phone number, port it to a new account on another network, and steal his identity to commit fraud.

The thief put Samsung Pay on a new phone with Whitted's phone number and credit card then bought himself a computer at the Apple Store.

This was possible because Comcast does not ask its customers to create a PIN to secure their accounts to prevent them from being transferred to another carrier. Instead, Comcast uses the default 0000 code. From Comcast's support document:

We don't require you to create an account PIN, so you don't need to provide that information to your new carrier.

Taking control of a person's telephone number is a popular way to obtain logins for email, social media accounts, bank accounts, and more. Any site that uses a phone number as a way of authenticating data can be accessed when someone has your phone number.

Charismatic hackers who use social engineering techniques can often get access to phone numbers from customer service representatives who don't know any better, but many carriers have implemented PIN codes to make it more difficult. Not Comcast.

This has led to other Xfinity Mobile customers having their phone numbers hijacked as well, and with phone numbers used for so much, hackers can access a lot of a person's data.

Comcast says that it has since implemented new measures to make it harder to steal phone numbers and that it is "working aggressively" to create a PIN-based solution, something that common sense dictates should have been available from the time the service launched.

Comcast says that a "very small number" of its customers have been impacted by this issue, and rightly admits that having even "one customer impacted" is "one too many." Comcast claims that customers who were affected perhaps used passwords leaked in other data breaches

Tag: Comcast

Popular Stories

iPhone 17 Pro 34ths Perspective

iPhone 17 Pro Launching Later This Year With These 10 New Features

Sunday March 23, 2025 10:00 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
maxresdefault

Apple Releases iOS 18.4 With Priority Notifications, Ambient Music, New Emoji and More

Monday March 31, 2025 10:03 am PDT by
Apple today released iOS 18.4 and iPadOS 18.4, the fourth major updates to the iOS 18 and iPadOS 18 operating system updates that came out last year. iOS 18.4 and iPadOS 18.4 come two months after Apple released iOS 18.3 and iPadOS 18.3. Subscribe to the MacRumors YouTube channel for more videos. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to...
top stories 2025 03 29

Top Stories: WWDC 2025 Announced, iPhone 17 Pro and iOS 19 Rumors, and More

Saturday March 29, 2025 6:00 am PDT by
Apple's big developer event is a little over two months away, and rumors about what we can expect to see in Apple's next major operating system updates are becoming increasingly frequent. A public release of iOS 18.4 is also imminent with a number of updates and improvements, although we won't be getting the major Apple Intelligence Siri upgrades that had reportedly been planned for this...
Magic Mouse Green

What to Expect From the Magic Mouse 3

Saturday March 29, 2025 10:15 am PDT by
Apple is reportedly working on a new Magic Mouse. Below, we recap what to expect. The two key rumors for the Magic Mouse 3 so far include a relocated charging port, along with a more ergonomic design. It was briefly rumored that the Magic Mouse 3 would also feature voice control, but that was misinterpreted information. Relocated Charging Port While the Magic Mouse switched from...
iOS 18

iOS 18.4 Expected Next Week - Here Are the Release Notes

Friday March 28, 2025 2:01 pm PDT by
With the second release candidate of iOS 18.4 that Apple seeded out today, the company finally provided us with release notes that give a full rundown on what to expect. There's an Apple Vision Pro app, new Apple Intelligence features for notifications and additional language support, plus an Apple News Food feature for Apple News+ subscribers, and several updates that should improve the...
Foldable iPhone 2023 Feature Homescreen

Six Things to Know About Apple's Upcoming Foldable iPhone

Friday March 28, 2025 3:54 pm PDT by
We've been hearing rumors about a foldable iPhone for almost a decade now, but it looks like we might finally see the device come to fruition in 2026. We're going to be waiting many more months for the foldable iPhone, but so far we're hearing good things. Apple wants to make it creaseless. It's taken Apple multiple years to design a foldable iPhone that it's satisfied with because Apple ...
iOS 19 visionOS UI Elements

Apple Codename Provides Clue About iOS 19's Rumored New Design

Sunday March 30, 2025 6:40 am PDT by
Multiple sources have claimed that iOS 19 will introduce a new design with more translucent buttons, menus, notification banners, and more, and there is now another clue that points towards this glass-like appearance. Bloomberg's Mark Gurman today said the new design project is codenamed "Solarium" internally. A solarium is a room with glass walls that allow in plenty of sunlight, so this...
macOS Sequoia Feature

Apple Releases macOS Sequoia 15.4 With Mail Categorization and More

Monday March 31, 2025 10:04 am PDT by
Apple today released macOS Sequoia 15.4, the fourth major update to the macOS Sequoia operating system that launched in September. macOS Sequoia 15.4 comes two months after the launch of macOS Sequoia 15.3. Mac users can download the ‌‌macOS Sequoia‌‌ update through the Software Update section of System Settings. It is available for free on all Macs able to run macOS 15. With...

Top Rated Comments

npmacuser5 Avatar
80 months ago
Where exactly did we go wrong to get from there to here? Even into the early 2000s we operated PCs without user logins and passwords. The world is hardly recognisable now. What a sad story about humanity.
Going on for a longtime. 1970’s, rarely locked the doors in my neighborhood. Nothing ever went missing. Today deadbolts and security plus camera systems the normal.

The decline continues. A truly sad story.
Score: 8 Votes (Like | Disagree)
Cyberpower678 Avatar
80 months ago
Comcast: Security is for sissies. You don't really need a password, 2FA, or device security codes, bank PINs, thumbprints, or Face ID. We live in an honest world. Right? RIGHT?
Score: 6 Votes (Like | Disagree)
macduke Avatar
80 months ago
Classic Comcast. I would never expect anything better.
Score: 5 Votes (Like | Disagree)
notabadname Avatar
80 months ago
Going on for a longtime. 1970’s, rarely locked the doors in my neighborhood. Nothing ever went missing. Today deadbolts and security plus camera systems the normal.

The decline continues. A truly sad story.
Simply not true. Crime has been on the decline since the 90’s. Depending on crime type, its generally no different percapita than it was in the 70’s and acually, lower for burglury and vehicle threat. Your memory of the 70’s predated 24 hour news cycles. So we are simply more aware of crime. When you had only an hour of news in the 70’s, Walter Cronkite had to stick to the big stories.

The spreading of incorrect information continues. A truer sad story.

Stats ('https://en.m.wikipedia.org/wiki/Crime_in_the_United_States#/media/File%3AProperty_Crime_Rates_in_the_United_States.svg')
Score: 4 Votes (Like | Disagree)
Apple_Robert Avatar
80 months ago
I am not one to use the "sue" word very often. In this case, I believe Comcast earned it.
Score: 4 Votes (Like | Disagree)
StellarVixen Avatar
80 months ago
They should change it to "password" or 1234
Score: 4 Votes (Like | Disagree)