"Researchers Discover Exposed Comcast Database Containing 1.5 Billion Records"
The WebsitePlanet research team, in collaboration with Jeremiah Fowler, a security researcher, discovered a database containing more than 1.5 billion records without password protection. The database consists of references that suggest that it belongs to the cable and internet giant Comcast. The records exposed by the database included dashboard permissions, logs, client IPs, email addresses, and hashed passwords. Attackers can gain insight into the internal functionality, logging, and network structure using the remote and internal IP addresses, node names, and other details revealed by the unprotected database. The email addresses and passwords exposed by the database belonged to Comcast's Development team. According to the research team, the server also exposed alerts, job scheduling records, and error logs that showed cluster names, device names, as well as privileged internal rules and tasks. This article continues to discuss the discovery of a non-password protected Comcast database containing 1.5 billion records, the type of information exposed by the database, the malicious activities that could be performed by cybercriminals through the abuse of this information, and how Comcast responded to the research team's findings.