Cyber Threat Actor: Comcastkids

The threat actor is known by the aliasesComcastkids and Comcast, with publicly available information indicating an operational base in the United States of America. These names have been used in open‑source reports to refer to a group of individuals collaborating on cyber intrusions. No further details about the actor’s structure, size, or internal organization are provided in the source material.

On October 9 2015, the group identified as Comcastkids compromised the website shopatsullivan.com, resulting in the exfiltration and public dumping of more than ten thousand user accounts. The incident was described as a hack of the online retail platform, with the stolen data subsequently released. This event represents the only publicly documented operation attributed to the alias set in the supplied context.

Beyond the 2015 shopatsullivan.com breach, the source material does not reference any additional campaigns, targets, or techniques linked to Comcastkids or Comcast. Consequently, no statements can be made about their typical victim sectors, geographic focus, strategic objectives, malware usage, initial access methods, or affiliations with state or criminal entities. The absence of further reports means that any characterization of their broader activity would be speculative and therefore omitted.

Based solely on the verified facts presented, the profile of Comcastkids/Comcast remains limited to the alias set, the U.S. location, and the single documented data‑dump incident involving shopatsullivan.com. No additional confirmed details about their operations or capabilities are available from the provided information.