You may want to think twice before buying the Galaxy S10 from Xfinity
Xfinity Mobile can be a great alternative to the nation's big four carriers when looking for a place to buy a new iPhone or a high-end Samsung handset from. That includes the Galaxy S10, S10+, and S10e, all of which are still eligible for massive savings in the form of free $250 Visa prepaid cards at the Comcast-owned MVNO (mobile virtual network operator).
But as recently discovered by a number of existing Xfinity Mobile subscribers, the 2017-launched wireless service is shockingly open to security vulnerabilities. Seemingly taking a page out of Kanye West's risible device protection playbook, the carrier provides all user accounts with the same "0000" PIN default rather than locking every phone number behind a unique code. That's actually even worse than Kanye's notoriously bad iPhone authentication method, which had a few extra zeroes thrown in for good measure the last time the rapper visited the White House.
Due to Comcast's negligence, one Washington Post reader claims his Xfinity Mobile phone number was hijacked, switched to a new account on a different network, and used for the unauthorized purchase of an Apple computer. The payment was purportedly charged to the victim's own credit card, which somehow remained linked to the account created by the fraudster with another wireless service provider.
For its part, Comcast claims this horrifying affair was made possible by previous, non-Comcast related breaches of security, where a password belonging to the same user may have been revealed. In other words, the cable giant is not completely at fault here, although to its credit, it's admitting partial blame for this incident and a few others impacting a "very small number of customers."
Going forward, a unique "PIN-based solution" will be implemented to better protect Xfinity Mobile customers from such easy hacks. That's all well and good, but how could a tech company of Comcast's sheer size ever think "0000" was an acceptable way to secure mobile accounts?
Adrian, a mobile technology enthusiast since the Nokia 3310 era, has been a dynamic presence in the tech journalism field, contributing to Android Authority, Digital Trends, and Pocketnow before joining PhoneArena in 2018. His expertise spans across various platforms, with a particular fondness for the diversity of the Android ecosystem. Despite the challenges of balancing full-time parenthood with his work, Adrian's passion for tech trends, running, and movies keeps him energized. His commitment to mid-range smartphones has led to an eclectic collection of devices, saved from personal bankruptcy by his preference for 'adequate' over 'overpriced'.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: