If you subscribe to Comcast’s Xfinity TV or Xfinity Internet services, now might be a good time to change your password. This week, the company issued a press release affirming it was the victim of a data breach after one of its software vendors discovered a security bug that was being actively exploited by hackers. The press release was issued when Comcast started notifying Maine regulators about the cybersecurity incident involving customer data theft, as required by state law. Comcast is expected to distribute similar notices in states with near-identical laws on the books and where it operates its Xfinity services. Here is a look at what exactly happened, what Comcast is doing about the situation, and what steps you need to take to protect yourself. Image: Comcast What happened? The situation began unfolding in early October at a software company called Citrix, which provides tech-related services to thousands of enterprise customers like Comcast. Specifically, Citrix discovered that one of its products, Citrix NetScaler, had a serious security bug that allowed hackers to grab authentication tokens from onboard memory devices using the software. What are authentication tokens? Imagine an “authentication token” as a single string of random letters and numbers that ultimately reveal a username and password — it’s a bit more complicated than that, but keep that analogy in mind. Once a hacker obtained the authentication token, they essentially had access to a company’s NetScal. platform. To make matters even worse, the same exploit was also found to affect…Comcast hit by huge data breach: everything you need to know