Verizon Partner Exposes Data of Millions of Customers Who Called Customer Service [Updated]

by

Up to 14 million Verizon subscribers may have had their sensitive data exposed by Nice Systems, a partner of Verizon, reports ZDNet. Subscriber records from users who called customer service over the past six months were located on an unprotected Amazon S3 storage server controlled by Verizon partner Nice Systems.

The data, which included customer names, phone numbers, home addresses, email addresses, and account PINs, was accessible to anyone who found what ZDNet says was an easy-to-guess web address. That PINs were made available is concerning as a PIN is what's used to verify a customer's identify and make changes to an account.

The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can "realize intent, and extract and leverage insights to deliver impact in real time." Verizon uses that data to verify account holders and to improve customer service.

There were six folders for the months between January 2017 and June 2017, which included customer calls from several different US regions. Records included "hundreds of fields of additional data" beyond name, phone number, and PIN, like current account balance, a list of Verizon services, and more. No audio files were found, though the log files were based on calls. Some of the data was masked, but it's not clear what was hidden and what was exposed.

Verizon was informed of the leak in late June and it took more than a week for the information to be secured. Verizon told ZDNet it is investigating how information was improperly stored on the Amazon Web Services server. The company also said the "overwhelming majority" of the data has "no external value" and there's "no indication that the information has been compromised."

"Verizon provided the vendor with certain data to perform this work and authorized the vendor to set up AWS storage as part of this project," said a spokesperson. "Unfortunately, the vendor's employee incorrectly set their AWS storage to allow external access."

Verizon customers who have called in to customer support over the course of the last six months should update their PINs as a precaution.

Update: Verizon released a press statement clarifying that no one accessed the data, so there was no theft or loss of customer information. Verizon also says that only 6 million unique customers were affected and those customers were part of its residential and small business wireline.

Tag: Verizon

Top Rated Comments

(View all)
Avatar
42 months ago

Fake news. None of that information was ever protected in the first place. Literally almost each and every thing about all of us is known - to those who want to know it.

We have no privacy in the digital age, 'hacked' or not. It is all available.

Cool. In which case I'm sure you don't mind publically sharing your full name, phone number, email address and home address with us?

Allowing such information to become available to the public by simply following a URL which wasn't secured is far from "fake news". It's very much real news and very much an oversight that could have been easily avoided.
Score: 15 Votes (Like | Disagree)
Avatar
42 months ago
Can you hack me now?
Score: 13 Votes (Like | Disagree)
Avatar
42 months ago

Coincidence that your username is keysofanxiety? I only meant to imply that any fear from this leak is the fake news. Everyone could know your address if they wanted to. Snapchat geocodes you. FB geotags you. Your phone tracks everywhere you go. Even this forum has your IP address and could make a discernible guess as to your location. Take pictures? The EXIF data extracted from those would give every location of any picture you've ever taken and posted to Instagram, etc.

And that's not even mentioning all of the rights we toss away whenever we click "I agree" to those lengthy TOS agreements that nobody ever reads. Or to say anything of the Patriot Act and the loss of those civil liberties.

People shouldn't get scared by this Verizon leak - that moment passed about 15 years ago.

All of that is true, yet it doesn't mean making such information readily available is appropriate.

There seems to be these sorts of comments every time there's any type of privacy leak and frankly I'm sick of reading it. "Who cares, if you're part of Google's ecosystem, or use Facebook, people know this stuff anyway. You think you're safe? LOL."

It's a hugely dismissive argument. Yes, people can always find stuff about you if they look hard enough or have the sufficient knowledge. There's no such thing as 'real privacy' on the Internet; nobody is denying that. But that doesn't somehow justify even more people or companies making it easier to do so.
Score: 9 Votes (Like | Disagree)
Avatar
42 months ago

Coincidence that your username is keysofanxiety? I only meant to imply that any fear from this leak is the fake news. Everyone could know your address if they wanted to. Snapchat geocodes you. FB geotags you. Your phone tracks everywhere you go. Even this forum has your IP address and could make a discernible guess as to your location. Take pictures? The EXIF data extracted from those would give every location of any picture you've ever taken and posted to Instagram, etc.

And that's not even mentioning all of the rights we toss away whenever we click "I agree" to those lengthy TOS agreements that nobody ever reads. Or to say anything of the Patriot Act and the loss of those civil liberties.

People shouldn't get scared by this Verizon leak - that moment passed about 15 years ago.

Nothing about this is fake news. Do you know what that even means?

Also your assumption that everyone who uses Verizon customer service uses those other services you talked about seems ludicrous.

Should we not know that our PINs may be in the hands of someone other than the account holder or Verizon?
Score: 5 Votes (Like | Disagree)
Avatar
42 months ago
Anyone who says “fake news” is usually full of **** these days.
Score: 4 Votes (Like | Disagree)
Avatar
42 months ago
"may have had their sensitive data exposed by Nice Systems"
after translating from Marketing to English becomes:
"had their sensitive data exposed by Nice Systems"
Score: 2 Votes (Like | Disagree)

Top Stories

'iPhone 12 mini' Name Reappears in Leaked Apple iPhone 12 Case Stickers

Friday September 25, 2020 1:58 am PDT by
Earlier this week a proven leaker claimed that the iPhone 12 lineup would be named "iPhone 12 mini," "iPhone 12," "iPhone 12 Pro," and "iPhone 12 Pro Max," and today the same nomenclature has appeared again in a photo depicting alleged stickers from unreleased Silicone iPhone cases originating from Apple's international distribution center in Ireland. The photo shows three stickers with the...

Top Stories: iOS 14 Feature Tour, 'iPhone 12 mini' Rumors, Apple Watch Band Controversy

Saturday September 26, 2020 6:00 am PDT by
Things started to calm down a bit this week following last week's rush of media event, Apple Watch and iPad launches, and the release of iOS 14 and other operating updates. But that doesn't mean there wasn't still a lot of news, from digging deeper into iOS 14 to more iPhone 12 rumors to the uproar over trying to exchange band sizes on the new Apple Watch. On top of all of that, we heard...

Apple Releases iOS 14.0.1 With Fix for Bug That Resets Default Apps After Rebooting

Thursday September 24, 2020 10:12 am PDT by
Apple today released iOS 14.0.1, the first update to the iOS 14 operating system that was released on September 16. Today's update is a bug fix update addressing issues that weren't able to be fixed in the initial iOS 14 launch. The iOS 14.0.1 update is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General > Software Update. ...

New Images Leak of iPhone 12 Braided USB-C to Lightning Cable

Thursday September 24, 2020 2:37 am PDT by
Rumors suggest Apple's upcoming iPhone 12 models will ship with a new Lightning to USB-C cable that includes a braided fabric design. Images of the purported cables were leaked in July, and today leaker Mr White has shared new images that give us a closer look at what we might get included in the iPhone 12 box. The photos show a USB-C to Lightning cable with a clearly braided design rather...

New Version of Microsoft Office Coming Next Year That Won't Require a Subscription

Thursday September 24, 2020 1:53 am PDT by
Microsoft will next year offer a new perpetual release of Microsoft Office for Mac and Windows that doesn't require a subscription to use, according to the software giant (via Windows Central). "Microsoft Office will also see a new perpetual release for both Windows and Mac, in the second half of 2021," said Microsoft in a blog post announcing the next version of its Exchange server,...

Video Offers Closer Look at Apple Face Mask

Friday September 25, 2020 5:25 am PDT by
YouTube channel Unbox Therapy has today shared a new video giving a closer look at Apple's reusable face masks for corporate and retail employees. Apple's own face mask was designed by the company's Engineering and Industrial Design teams amid the global health crisis for corporate and retail employees, and the boxes include Apple's famous "Designed by Apple in California" text. The...

Upcoming Xbox App Update Will Let Xbox Users Stream Games to iPhone and iPad

Friday September 25, 2020 11:58 am PDT by
Microsoft is testing a new version of its Xbox app that will let Xbox users play games remotely on their iPhones and iPads using streaming functionality. The new feature was rolled out to TestFlight users this morning. The Xbox streaming option is distinct from Microsoft's xCloud service, which it has been clashing with Apple over. xCloud is designed to stream games from Microsoft's servers, ...

Apple Releases macOS Catalina 10.15.7 With Fixes for WiFi Bug, 27-Inch iMac Graphics Issues

Thursday September 24, 2020 10:32 am PDT by
Apple today released macOS Catalina 10.15.7, the latest update to the macOS Catalina software. macOS Catalina 10.15.7 fixes several major bugs that Mac users have been experiencing, and it comes a month after the latest macOS Catalina release. The ‌‌‌macOS Catalina‌‌‌ 10.15.6 Supplemental Update can be downloaded from the Mac App Store using the Update feature in the System...

iOS 14: 'Phoenix 2' Space Shooter Delivers Playable Demo via App Clips

Saturday September 26, 2020 2:08 pm PDT by
One of the new features that arrived in iOS 14 is called App Clips. App Clips is described by Apple to be a "small part of your app" that can be available to users at just the right moment.App Clips focus on finishing one task quickly. An ideal App Clip experience allows users to open and complete a task in seconds. Instead of requiring an App Store download, they can be loaded and run via...

Apple's iPhone 12 Event Could Happen on October 13 Based on Rumors From Mobile Operators

Wednesday September 23, 2020 11:51 am PDT by
Apple's upcoming iPhone-centric event could perhaps be held on Tuesday, October 13, according to information shared with MacRumors by an employee at a UK cellular carrier. There's no way for us to confirm the dates at this point in time nor are we sure on the credibility of the source, but even without a rumor, Tuesday, October 13 is a good guess based on Apple's historic launch timelines, ...