Comcast says that personal information belonging to nearly 36 million Xfinity customers was compromised in a mid-October data security breach. The attackers exploited a known buffer overflow vulnerability that allows data disclosure in Citrix NetScaler ADC and NetScaler Gateway; the vulnerability has been dubbed Citrix Bleed. Citrix released patches for the issue on October 10; Xfinity waited between 6 and 9 days to apply the patches. More https://www.govinfosecurity.com/comcast-ties-breach-affecting-36m-customers-to-citrix-bleed-a-23936
