Comcast Tuesday downplayed the news that a list of user names and passwords for 8,000 customers had been exposed on a file-sharing Web site, telling
The New York Times and other news sources that only about 700 of the names were for active customer accounts and that it did not believe the data came from inside the company.
"We have scrubbed the list that was on ScribD and have found about 700 names that are user IDs that are for Comcast customers, not 8,000," said Jennifer Khoury, a Comcast spokesperson, in an e-mail to the Times.
ScribD, a document-sharing Web site, was where a Wilkes University Professor, Kevin Andreyo, first found the list. According to reports in the Times and other news sources, Andreyo contacted Comcast, the FBI and technology journalists after entering his address in the search engine Pipl and seeing the list of Comcast subscribers pop up on ScribD.
The document had disappeared from ScribD by the time ScribD was contacted about it on Tuesday, but the Times reported that before that, it had been viewed more than 345 times and downloaded 27 times.
"We have no reason to believe this came from Comcast. It looks like a phishing or related type of scheme," said Khoury to the newspaper.
Phishing attacks continue in greater number every year. Recently, cybercriminals impersonating the Canada Revenue Agency were able to convince victims to submit personal information, thinking it was for tax refunds and stimulus aid.
A late February Google blackout also precipitated a phishing scam on Gmail users, spread through a Google Talk message.
For more on phishing and other security scams to watch for, check out Channelweb's 25 Security Scams To Watch In the Down Economy.
