Verizon Enterprise is a business and security-focused arm of the American telecoms giant, known for publishing security reports and helping businesses investigate breaches. In an ironic twist of fate, it turns out they’ve fallen victim to a security breach themselves. The details of the breach, including the exploit used and the exact info stolen, were not released. According to prominent security researcher and blogger Brian Krebs, also known as KrebsOnSecurity, customer contact info and a guide on how to breach Verizon Enterprise and grab whatever data you want was seen up for grabs on a prominent cybercrime forum. The full package of information, including the guide, was priced at $100,000, whereas sets of 100,000 pieces of info were on sale for $10,000 a pop. Buyers can get the data in its native MongoDB format, or other formats.
The breach seemed to be an attack that caused a dump of the Verizon Enterprise database’s contents, however without further details from Verizon Enterprise, there is no way to be sure. They are reportedly contacting affected customers to inform them of the attack. The exact number of those affected wasn’t released, but it can be assumed that it’s roughly 1 million, given the numbers and prices found on the cybercrime forum. Verizon Enterprise’s customer base includes about 99 percent of the Fortune 500 companies out there, making this target list very valuable. The dataset may or may not contain billing information for the contacts listed, but even a bare minimum of information can be used for targeted attacks such as phishing, malware targeting or even just petty harassment, though the latter is unlikely, given the price a would-be buyer must pay.
When KrebsOnSecurity contacted Verizon about the breach, they said that they did find a vulnerability that would allow customer information to be stolen in a similar manner to the breach at hand. The vulnerability is reportedly patched at this point and should no longer be an effective attack method. For all intents and purposes, the breach is, at this point, taken care of to the best of Verizon Enterprise’s abilities; all that remains is to figure out who did it and to keep the affected customers safe.