1.5 million Verizon Enterprise customer records up for sale online

Verizon says security flaw has been fixed and leaked customer details are "basic"

Hacking on keyboard

More than 1.5 million Verizon Enterprise customer records are being sold for $100,000 following a breach.

The activity was discovered when a member of an underground cybercrime forum posted a new thread appearing to advertise the sale of customer information from 1.5 million Verizon Enterprise customers, cybersecurity journalist Brian Krebs revealed.

Potential buyers could also purchase 100,000 records for $10,000, or information about applicable security vulnerabilities present in Verizon's site. The database can be bought in various formats, including the MongoDB database platform.

The company said the flaw it identified has now been fixed.

Advertisement
Advertisement - Article continues below

In an official statement, it said: "Verizon recently discovered and remediated a security vulnerability on our enterprise client portal.

"Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible."

Last year, Verizon warned companies that failing to patch old vulnerabilities would leave them open to malware and other cybersecurity issues.

Dodi Glenn, VP of cybersecurity at PC Pitstop, said: "While the breach itself is quite large, the information obtained was 'limited', according to Verizon, including only basic contact information. Apparently, no customer proprietary network information (CPNI) data was accessed, which is good news since contact information is considered a lot less valuable than CPNI or other confidential data. 

"Still, however, this should be a concern for many, since the breach happened to a company that is known for helping out other companies during data breaches. Additionally, a lot of Fortune 500 companies use Verizon Enterprise Solutions makes you wonder if some of those who purchased the data may have plans to use the information to start phishing attacks, since it contains information from companies with lots of money."

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/domain-name-system-dns/34842/microsoft-embraces-dns-over-https-to-secure-the-web
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
Visit/social-media/34844/can-wikipedia-founders-social-network-really-challenge-facebook
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019