The forced password reset came after an independent security researcher spotted an ad on a Dark Web marketplace offering 590,000 Comcast subscriber email addresses and plaintext passwords for $1000 in bitcoins.
A Comcast representative said the company acquired the list of email addresses and discovered that only 200,000 of them were active, and is "working to get this fixed for those customers who may have been impacted," according to the Washington Post .... https://nakedsecurity.sophos.com
