Up to 14 million Verizon subscribers may have had their sensitive data exposed by Nice Systems, a partner of Verizon, reports ZDNet. Subscriber records from users who called customer service over the past six months were located on an unprotected Amazon S3 storage server controlled by Verizon partner Nice Systems.
The data, which included customer names, phone numbers, home addresses, email addresses, and account PINs, was accessible to anyone who found what ZDNet says was an easy-to-guess web address. That PINs were made available is concerning as a PIN is what's used to verify a customer's identify and make changes to an account.
Verizon was informed of the leak in late June and it took more than a week for the information to be secured. Verizon told ZDNet it is investigating how information was improperly stored on the Amazon Web Services server. The company also said the "overwhelming majority" of the data has "no external value" and there's "no indication that the information has been compromised."
The data, which included customer names, phone numbers, home addresses, email addresses, and account PINs, was accessible to anyone who found what ZDNet says was an easy-to-guess web address. That PINs were made available is concerning as a PIN is what's used to verify a customer's identify and make changes to an account.
The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can "realize intent, and extract and leverage insights to deliver impact in real time." Verizon uses that data to verify account holders and to improve customer service.There were six folders for the months between January 2017 and June 2017, which included customer calls from several different US regions. Records included "hundreds of fields of additional data" beyond name, phone number, and PIN, like current account balance, a list of Verizon services, and more. No audio files were found, though the log files were based on calls. Some of the data was masked, but it's not clear what was hidden and what was exposed.
Verizon was informed of the leak in late June and it took more than a week for the information to be secured. Verizon told ZDNet it is investigating how information was improperly stored on the Amazon Web Services server. The company also said the "overwhelming majority" of the data has "no external value" and there's "no indication that the information has been compromised."
"Verizon provided the vendor with certain data to perform this work and authorized the vendor to set up AWS storage as part of this project," said a spokesperson. "Unfortunately, the vendor's employee incorrectly set their AWS storage to allow external access."Verizon customers who have called in to customer support over the course of the last six months should update their PINs as a precaution.
Update: Verizon released a press statement clarifying that no one accessed the data, so there was no theft or loss of customer information. Verizon also says that only 6 million unique customers were affected and those customers were part of its residential and small business wireline.
Tag: Verizon
35 comments
SlashLeaks posts an image that is alleged to be iPhone XI and XI Max molds for 3rd party case production.
These physical molds are presumably produced by case manufacturers based on leaked...
Apple has removed the 4K LG UltraFine Displays from its online Apple Store in the United States, continuing a trend of pulling the display from its online stores around the world. Before disappearing...
iOS apps and features including Shortcuts, Screen Time, and iMessage effects will be coming to macOS later this year, after they're first unveiled at Apple's Worldwide Developer's...
Apple supplier Foxconn today said that it remains committed to its contract to build a display plant and research facility in Wisconsin (via Reuters). The company's comment comes a few days after...
Will Smith, his wife Jada Smith, and his son Jaden Smith today visited Apple Park to discuss the environment and Jaden's Just Water company, according to a tweet Apple CEO Tim Cook shared on...
Back in March, Facebook announced that millions of Facebook passwords were stored on its servers in plain text with no encryption. At the time, Facebook also said that "tens of thousands" of...
Apple likely paid somewhere around $5 to $6 billion to settle its ongoing legal battle with Qualcomm, according to estimates shared today by UBS analyst Timothy Arcuri (via CNBC).
The...
All three 2019 iPhones will feature 12-megapixel single-lens front cameras, up from 7-megapixels on the iPhone XS, iPhone XS Max, and iPhone XR, according to the latest research note from well-known...
