One of Comodo's registration authorities was breached, but not Comodo themselves. Comodo were able to detect the breach and cut off the compromised RA because they were monitoring what their RAs were doing. Symantec, on the other hand, didn't know that their RAs were mis-validating certificates until I noticed and told them.

(Registration authorities are third parties that perform certificate validation on behalf of the CA. I think Comodo bears some responsibility for delegating validation to an RA that was compromised, but Symantec's conduct has been so much worse in comparison.)

It wasn't one but three authorities which have been breached.

And maybe you should disclose that you are a Comodo reseller.

I used to be a Symantec reseller too before I realized how bad they were. I only do business with CAs which I actually believe are good.