Up to 14 million Verizon subscribers may have had their sensitive data exposed by Nice Systems, a partner of Verizon, reports ZDNet. Subscriber records from users who called customer service over the past six months were located on an unprotected Amazon S3 storage server controlled by Verizon partner Nice Systems.

The data, which included customer names, phone numbers, home addresses, email addresses, and account PINs, was accessible to anyone who found what ZDNet says was an easy-to-guess web address. That PINs were made available is concerning as a PIN is what's used to verify a customer's identify and make changes to an account.

verizonlogo

The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can "realize intent, and extract and leverage insights to deliver impact in real time." Verizon uses that data to verify account holders and to improve customer service.

There were six folders for the months between January 2017 and June 2017, which included customer calls from several different US regions. Records included "hundreds of fields of additional data" beyond name, phone number, and PIN, like current account balance, a list of Verizon services, and more. No audio files were found, though the log files were based on calls. Some of the data was masked, but it's not clear what was hidden and what was exposed.

Verizon was informed of the leak in late June and it took more than a week for the information to be secured. Verizon told ZDNet it is investigating how information was improperly stored on the Amazon Web Services server. The company also said the "overwhelming majority" of the data has "no external value" and there's "no indication that the information has been compromised."

"Verizon provided the vendor with certain data to perform this work and authorized the vendor to set up AWS storage as part of this project," said a spokesperson. "Unfortunately, the vendor's employee incorrectly set their AWS storage to allow external access."

Verizon customers who have called in to customer support over the course of the last six months should update their PINs as a precaution.

Update: Verizon released a press statement clarifying that no one accessed the data, so there was no theft or loss of customer information. Verizon also says that only 6 million unique customers were affected and those customers were part of its residential and small business wireline.

Tag: Verizon

Top Rated Comments

keysofanxiety Avatar
75 months ago
Fake news. None of that information was ever protected in the first place. Literally almost each and every thing about all of us is known - to those who want to know it.

We have no privacy in the digital age, 'hacked' or not. It is all available.
Cool. In which case I'm sure you don't mind publically sharing your full name, phone number, email address and home address with us?

Allowing such information to become available to the public by simply following a URL which wasn't secured is far from "fake news". It's very much real news and very much an oversight that could have been easily avoided.
Score: 15 Votes (Like | Disagree)
mudflap Avatar
75 months ago
Can you hack me now?
Score: 13 Votes (Like | Disagree)
keysofanxiety Avatar
75 months ago
Coincidence that your username is keysofanxiety? I only meant to imply that any fear from this leak is the fake news. Everyone could know your address if they wanted to. Snapchat geocodes you. FB geotags you. Your phone tracks everywhere you go. Even this forum has your IP address and could make a discernible guess as to your location. Take pictures? The EXIF data extracted from those would give every location of any picture you've ever taken and posted to Instagram, etc.

And that's not even mentioning all of the rights we toss away whenever we click "I agree" to those lengthy TOS agreements that nobody ever reads. Or to say anything of the Patriot Act and the loss of those civil liberties.

People shouldn't get scared by this Verizon leak - that moment passed about 15 years ago.
All of that is true, yet it doesn't mean making such information readily available is appropriate.

There seems to be these sorts of comments every time there's any type of privacy leak and frankly I'm sick of reading it. "Who cares, if you're part of Google's ecosystem, or use Facebook, people know this stuff anyway. You think you're safe? LOL."

It's a hugely dismissive argument. Yes, people can always find stuff about you if they look hard enough or have the sufficient knowledge. There's no such thing as 'real privacy' on the Internet; nobody is denying that. But that doesn't somehow justify even more people or companies making it easier to do so.
Score: 9 Votes (Like | Disagree)
WRChris Avatar
75 months ago
Coincidence that your username is keysofanxiety? I only meant to imply that any fear from this leak is the fake news. Everyone could know your address if they wanted to. Snapchat geocodes you. FB geotags you. Your phone tracks everywhere you go. Even this forum has your IP address and could make a discernible guess as to your location. Take pictures? The EXIF data extracted from those would give every location of any picture you've ever taken and posted to Instagram, etc.

And that's not even mentioning all of the rights we toss away whenever we click "I agree" to those lengthy TOS agreements that nobody ever reads. Or to say anything of the Patriot Act and the loss of those civil liberties.

People shouldn't get scared by this Verizon leak - that moment passed about 15 years ago.
Nothing about this is fake news. Do you know what that even means?

Also your assumption that everyone who uses Verizon customer service uses those other services you talked about seems ludicrous.

Should we not know that our PINs may be in the hands of someone other than the account holder or Verizon?
Score: 5 Votes (Like | Disagree)
Vasilioskn Avatar
75 months ago
Anyone who says “fake news” is usually full of **** these days.
Score: 4 Votes (Like | Disagree)
Mick-Mac Avatar
75 months ago
"may have had their sensitive data exposed by Nice Systems"
after translating from Marketing to English becomes:
"had their sensitive data exposed by Nice Systems"
Score: 2 Votes (Like | Disagree)

Popular Stories

iPhone 15 Pro Buttons CAD Leak

iPhone 15 Pro Low-Energy Chip to Allow Solid-State Buttons to Work When Device is Off or Out of Battery

Wednesday March 29, 2023 1:54 am PDT by
The iPhone 15 Pro and Pro Max will use a new ultra-low energy microprocessor allowing certain features like the new capacitive solid-state buttons to remain functional even when the handset is powered off or the battery has run out, according to a source that shared details on the MacRumors forums. CAD-based render of new solid-state buttons on iPhone 15 Pro models The source of this rumor is ...
maxresdefault

Apple Announces WWDC 2023 Event Taking Place June 5 to 9

Wednesday March 29, 2023 9:58 am PDT by
Apple today announced that its 34th annual Worldwide Developers Conference will take place from Monday, June 5 to Friday, June 9. Like WWDC 2020, 2021, and 2022, WWDC 2023 will be an online event for the most part, and it will be open to all developers at no cost. Subscribe to the MacRumors YouTube channel for more videos. Apple will provide online sessions and labs, which will allow...
iPhone 15 Pro Multi Purpose button Mute Switch Feature Green 2

iPhone 15 Pro Rumored to Feature Multi-Use Action Button Instead of Mute Switch

Wednesday March 29, 2023 7:28 am PDT by
iPhone 15 Pro and iPhone 15 Pro Max models are rumored to feature a customizable Action button like the Apple Watch Ultra, according to a MacRumors forum member who leaked accurate details about the Dynamic Island on iPhone 14 Pro models last year. The source claimed the Action button will replace the Ring/Silent switch that has been included on every iPhone model since 2007. They did not...
iOS 16

Apple Releases iOS 16.4 With New Emoji, Safari Web Push Notifications, Beta Changes, Voice Isolation for Calls and More

Monday March 27, 2023 10:03 am PDT by
Apple today released iOS 16.4, the fourth major update to the iOS 16 operating system that initially came out last September. iOS 16.4 comes two months after the launch of iOS 16.3, an update that added Security Keys for Apple ID. iOS 16‌.4 and iPadOS 16.4 can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. It can take a few minutes...
Apple Music Classical

Apple Explains Why It Launched an iPhone App Dedicated to Classical Music

Monday March 27, 2023 8:54 pm PDT by
Apple today published a support document explaining why it decided to release a standalone Apple Music Classical app for classical music. In short, Apple says the app was designed to support classical music's complex metadata:Classical music is different. It has longer and more detailed titles, multiple artists for each work, and hundreds of recordings of well-known pieces. The Apple Music...
iOS 16

Apple Seeds First Betas of iOS 16.5 and iPadOS 16.5

Tuesday March 28, 2023 10:15 am PDT by
Apple today seeded the first betas of upcoming iOS 16.5 and iPadOS 16.5 updates to developers for testing purposes, with the software coming a day after the launch of iOS 16.4 and iPadOS 16.4. Registered developers can opt in to the betas by opening up the Settings app, going to Software Update, tapping on the "Beta Updates" option and toggling on the iOS 16 Developer Beta. Note that an...
home upgrade available feature

PSA: Apple Has Made Its New Home Architecture Update Available Again

Tuesday March 28, 2023 1:50 am PDT by
Apple has made the option to upgrade to new Home architecture available again with the release of iOS 16.4, iPadOS 16.4, and macOS Ventura 13.3, after it temporarily pulled the update in December. After updating Apple devices to the latest software, users can once again opt to upgrade any homes set up in the Home app to the new Home architecture, which Apple says brings faster, more reliable ...