Xinfinity, a subsidiary of the Comcast Corporation, published names, phone numbers, and addresses of nearly 200,000 customers who paid a fee to keep their numbers unlisted.
These customers pay a minimum monthly fee of $3.50 a month to keep their number unlisted from telephone and online directories. These names and numbers were published on Ecolisting.com, a directory run by Comcast, which were then picked up by unauthorised third-party directories.
Comcast identified this issue in November when they closed the online directory service and gave $100 credits to affected customers and advised them to change the phone numbers at no extra cost.
"We have corrected this issue for our identified customers, apologized to them for this error, and given them an additional $100 credit. We are working with our customers directly to address this issue and help make it right, and are taking steps to prevent this from happening again," said a Comcast spokeswoman.
"Please note that even though Comcast quickly removed your information from Ecolisting.com, there is a possibility that your information was accessed by visitors to the Ecolisting.com website while it was available. As a result, this information could be available on online directories or through other public sources that Comcast does not control," the company said in a notice to customers.
Affected customers may sue Comcast for exposing their phone numbers
However, to Xinfinity customers, this data leak was more than just ‘inconvenience’ as the company’s customer base included judges, law enforcement officers, and domestic abuse victims. Few of the customers from the Comcast support group said that they are planning to file complaints with their state attorney general's office.
"Without going into details on this forum, Xfinity has compromised the safety of myself and my family by publishing my identifying information for others to see. Simply providing a $100 credit is not good enough considering the mess I am going to have to deal with. People have the right to be upset considering they were paying for service that was not provided, I suspect that Xfinity is liable," an affected customer wrote on the Comcast support forum.
Lawrence Pacheco, a spokesman for the Colorado Attorney General’s Office, said that they haven’t received any complaints against Xinfinity yet; however, customer can submit their complaints to stopfraudcolorado.gov. “Complaints about telecommunications providers is one of the top 10 complaints our office received last year,” he added.
This is not the first instance where Comcast failed to protect customer privacy. In 2015, the company agreed to pay $33 million as settlement for releasing the names, addresses and phone numbers of 75,000 people over a period of two years who paid to keep the information private. Comcast paid $100 each to 75,000 customers who were affected.