The Xfinity Wi-Fi service from Comcast is disclosing the full name and home address of residential customers, which is something the company says isn’t supposed to happen.
The disclosure of such information increases an already exposed attack surface, by allowing anyone with malicious intent to selectively target their marks.
The following composite image shows residential customers with Xfinity Wi-Fi enabled. They are all in the same town, in the same state, and according to a public records search – none of them have ever been registered as a business. Please note: This image has been redacted by Salted Hash to remove the customer's last name, address, and the map markers which might identify their location.Click through to see how this all shows up when you search for Comcast Wi-Fi hot spots.
I recommend that anyone with Comcast Xfinity disagree their Wi-Fi IMMEDIATELY. Instructions are here. Run, don't walk to do this NOW.
You will need to buy your own wifi router (probably $39 at your local big box store like Wally World). Run an ethernet cable from your router's "WAN" port into an ethernet port on the Comcast box. Configure your own wifi, and you will be clean from Comcast stalkers.
The reason that I am so adamant that you need to do this is that the article has enough details to convince me that someone could use this to locate you, spoof your computer's network address, and then do something to incriminate you (say, launch an attack on homeland security.gov or download child pornography). I am convinced that the spoofing would fool whatever logging that Comcast is doing, so their lousy logging would implicate you.
And the punch line is that they just don't care. The researchers reported this to them and Comcast hasn't done bupkis to change this.