Can Comcast data files be broken into easily?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have been with Comcast for some years now.  I use a few of my email
accounts through them.  I've noticed that with my primary account I
suddenly start getting crap mail at a point.  This first happened a
few years ago when I started getting email to an account I never use
for mail, only as my primary account.  It had a real oddball name with
numbers and I've never used that particular name anywhere else, ever.
Earlier this year I changed my primary account to a different user
name and deleted that old one.  The new account I chose as my primary
account is one I only use for family members and very close personal
friends.  Now I'm starting to get advertising on this one.  I don't
get it.  The only thing that would explain this is that someone hacked
into Comcast's accounts and gets the names that way.  I'm tempted to
ask Comcast but hesitate because I'm sure they don't want it known if
such incidents do occur.

How possible is this, that someone hacks into their primary accounts
and harvests the primary email account names?

Re: Can Comcast data files be broken into easily?

Quoted text here. Click to load it

It is possible that someone has hacked into Comcast's systems that hold the
user account information. No system is or can be totally secure.

I think it is just as likely that someone has sold the list of Comcast
customers to spammers.

Re: Can Comcast data files be broken into easily?

On Wed, 28 Dec 2005 08:41:49 -0500, Edw  Peach wrote:

Quoted text here. Click to load it

Most likely not. Spammers have bots which crawl the internet and snarf
email addresses from web pages, usenet posts and other places.
Also, malware (viruses, trojans, worms,...) can check files on the
computer for email addresses and mail them home to the malware owner.

That is why I have seperate trash email accounts for friends,
ebusiness, family,...

That way if spam starts showing up, I have a group of people to notify
that they may be infected. I have never used the primary email addy
for anything until this Usenet auth bs.  :(

Once the spammer has a list of email addies he will strip the name off the
domain and add all the major ISP's comain and see how many new email
addies are found.


That is why I create email addy like

A note here. Anytime you create a bogus email/domain address, you need to
make it something like bogus34_addie_752@none.invalid.
That way it can be trashed by the postmasters receiving it very easily.

There is a real whois snippet follows:

owner-name:     nonenet
owner-address:  138 boulevard du chat qui ronronne
owner-address:  F-75022, Paris
owner-address:  France

Your post could cause extra work for the postmaster.  :(
Unless you realy have a email account.  :)

Re: Can Comcast data files be broken into easily?

On Wed, 28 Dec 2005, in the Usenet newsgroup, in article

Quoted text here. Click to load it

Agreed. I know of one disgruntled ex-employee of an ISP that had taken a
copy of the passwd file, and sold the (~100k) usernames, but even that is
pretty rare, mainly because the spammer pays very little.

Quoted text here. Click to load it

Another tactic has been grabbing names out of the telephone book, and trying
those with common alterations (lastname + initial or digit for example).

Quoted text here. Click to load it

Haven't seen that very often - it's more likely to result in a denial of
service (mail bomb) attack on the server where the klown is collecting
the data, given the speed that the common malware goes through the
dumb user community.

Quoted text here. Click to load it

Good concept

It used to be that we'd use /dev/random to create passwords for new
accounts with the usernames being the common first initial + last name
or last name + first initial or a number.   Now, I'm using /dev/random
to create public usernames, so they won't be found by dictionary attacks.

Quoted text here. Click to load it

   head -2 /dev/random | uuencode ZZZZ

   head -2 /dev/random | mimencode

then take the first 10 or twenty characters of the result. Only problem
is that usernames _MUST_ begin with a letter.

Quoted text here. Click to load it /

Using the 'invalid' domain causes the sending mail server to reject the
mail, because there never will be a top level domain with that name.
RFC2606 also lists 'test', 'example' and 'localhost', though 'invalid' is
the one recommended.  The RFC also lists '', '' and
'' as safe names to use when munging. Unfortunately, many
people grab some witty name out of mid-air, and think that it's OK,
without making any effort to see if it's not a real name used by some
company or organization. Using 'ping candidate.domain' is not a reliable
test, nor is attempting to connect to 'www.candidate.domain' - use 'whois'
data instead.

Quoted text here. Click to load it

as well as a lot of other domain names people use for munging.

        Old guy

Re: Can Comcast data files be broken into easily?

Quoted text here. Click to load it
Search google or email harvesters.  Accounts aren't always "hacked"

Re: Can Comcast data files be broken into easily?

I did call Comcast and the technician told me that probably someone's
address book was stolen.  The funny thing is I only use this one
account for two family members and perhaps five friends.  I NEVER use
it online or have anybody else write me with it.  I have other
accounts for that.

My account has other personalities and those don't get nailed.  I use
those accounts quite a bit, one for business.

My first account that was getting this mail was even stranger because
I never used it for email except for dealing with Comcast.  That's why
I thought the system/database might have been cracked at Comcast.

The mail I'm getting isn't all spam.  Some of it seems to be fragments
of conversations.  I really don't get this at all.

Here's one I got:

Want to know if australis was in the therefor or with the
Let me know
Jewel "

My address was added as a CC with about 15 other names.

Any ideas on this?

Re: Can Comcast data files be broken into easily?

Quoted text here. Click to load it

I have NEVER used my primary Comcast account for sending email, nor have I
given it out to ANYONE. As a result, I have received no spam on that
account, unless you include the Comcast advertising. I did create several
secondary accounts and use different addresses for different purposes. All
of them get SPAM to some extent.

I am inclined to agree with the Comcast technician. I you ever use or give
out an email address, it is at risk for harvesting by spammers. Even if it
just a return address on an email sitting in the inbox of a trusted friend,
that computer could be infected by malware and report out everything that
looks like an email address to some spammer.

Re: Can Comcast data files be broken into easily?

Quoted text here. Click to load it
Did you recognize any of the other names?

Re: Can Comcast data files be broken into easily?

Of course not.  ;)

Re: Can Comcast data files be broken into easily?

Robert Haar wrote:

Quoted text here. Click to load it

That's just part of it. Even if nobody you send an email to ever falls
victim to a worm or someone swiping their address book to sell to
spammers, you return address is in the clear on every email you send. Even
if it's encrypted. And even if you "munge" your From header and include
your real email in an encrypted message body, if anyone replies to you
your real email address is visible.

If you think there aren't underpaid techs at various points along the way
between you and people who you email with the know how to snarf addresses
and the motivation to mess with it, you're a fool.

Re: Can Comcast data files be broken into easily?

Edw. Peach wrote:
Quoted text here. Click to load it

Are any of those friends or family people who send jokes or pretty pictures to
everybody in their addressbook? I know I've got a few friends like that and I've
never been able to persuade them to take me off their list.

So if one person on that list is infected, all people on that list are

What about dictionary attacks like other posters suggested?

SBC has a system where you can add additional email addresses and drop them
later when you want to. I've also seen people use web-based email accounts
(YAHOO, GMAIL, ...) to do this.

You might set-up an account with Yahoo and filter the hell out of your main
account (assuming your ISP has filtering capabilities), tell your friends/family
about this address by snail mail or mouth. When that Yahoo account starts
getting spam, drop it and set-up another one.

I've also setup an address for anything I want to communicate back to me.
Newsletters, ecommerce validations, etc.

I use the public sink "" when I join a newsgroup. I wish I had
done that years ago. If I only knew better then, my main address wouldn't be so
useless now.


Dave Keays

Site Timeline