Numerous Comcast Xfinity email accounts have been hacked in a massive two-factor authentication bypass campaign, with the compromised accounts leveraged for resetting the passwords for other services, reports BleepingComputer.
Notifications alerting Xfinity email users regarding changes in their account information have been sent by attackers beginning Dec. 19, and users who initially could not access their accounts due to changed passwords eventually discovered their accounts to be hacked and include a secondary email at the @yopmail.com domain.
Such an attack was successful despite the implementation of two-factor authentication by Xfinity users.
Credential stuffing attacks have been used by attackers to perform the intrusions, according to a security researcher who said that threat actors may be leveraging a privately circulated OTP bypass to copy 2FA verification requests.
Attackers who have gained complete access to the email account then proceed to reset passwords for different online services, including Evernote, Dropbox, and the Coinbase and Gemini cryptoexchanges.
Xfinity is already looking for the source of the attack, said a customer in a Reddit post.
OpenSea has confirmed being impacted by a third-party security breach, marking the third attack against the major non-fungible token marketplace following a third-party hack and phishing incident in June 2022 and February 2022, respectively, SiliconAngle reports.
Nansen impacted by third-party breach BleepingComputer reports that Ethereum blockchain analytics firm Nansen has disclosed that its third-party authentication provider was impacted by a data breach, which resulted in the compromise of data from 6.8% of its user base over a 48-hour period.