Verizon Enterprise Customer Data Stolen & Put On Sale

Verizon Enterprise is a business and security-focused arm of the American telecoms giant, known for publishing security reports and helping businesses investigate breaches. In an ironic twist of fate, it turns out they've fallen victim to a security breach themselves. The details of the breach, including the exploit used and the exact info stolen, were not released. According to prominent security researcher and blogger Brian Krebs, also known as KrebsOnSecurity, customer contact info and a guide on how to breach Verizon Enterprise and grab whatever data you want was seen up for grabs on a prominent cybercrime forum. The full package of information, including the guide, was priced at $100,000, whereas sets of 100,000 pieces of info were on sale for $10,000 a pop. Buyers can get the data in its native MongoDB format, or other formats.

The breach seemed to be an attack that caused a dump of the Verizon Enterprise database's contents, however without further details from Verizon Enterprise, there is no way to be sure. They are reportedly contacting affected customers to inform them of the attack. The exact number of those affected wasn't released, but it can be assumed that it's roughly 1 million, given the numbers and prices found on the cybercrime forum. Verizon Enterprise's customer base includes about 99 percent of the Fortune 500 companies out there, making this target list very valuable. The dataset may or may not contain billing information for the contacts listed, but even a bare minimum of information can be used for targeted attacks such as phishing, malware targeting or even just petty harassment, though the latter is unlikely, given the price a would-be buyer must pay.

When KrebsOnSecurity contacted Verizon about the breach, they said that they did find a vulnerability that would allow customer information to be stolen in a similar manner to the breach at hand. The vulnerability is reportedly patched at this point and should no longer be an effective attack method. For all intents and purposes, the breach is, at this point, taken care of to the best of Verizon Enterprise's abilities; all that remains is to figure out who did it and to keep the affected customers safe.

You May Like These
More Like This:
About the Author
2018/10/Daniel-Fuller-2018.jpg

Daniel Fuller

Senior Staff Writer
Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, voice assistants, AI technology development, and hot gaming news in the Android world. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now