Comcast is forcing around 200,000 customers to reset their passwords after a cache of user information showed up for sale on the Dark Web over the weekend, CSO reports.
The post of stolen information included 590,000 user names and addresses, only some of which were currently valid. The entire package went up for sale for $1,000, or $300 for 100,000 accounts.
The company was alerted to the marketplace offering on Saturday and immediately began comparing the data on the list against a current customer list. Accounts with information that matched the Dark Web database will be reset on a case-by-case basis.
The source of the data is still unknown. Dark Web commenters speculated that the data was recycled, categorizing the seller as a “scammer,” according to CSO.
The price of personal data on the Dark Web varies depending on the kind of information on offer.
According to a recent report from cybersecurity firm McAfee, a stolen credit card number in the U.S. only goes for between $5 and $30, depending on how much information it's associated with.
An ATM card with a high balance, meanwhile, goes for around $110.
A Comcast representative told CSO that its security teams were certain no company systems or apps had been compromised.