Verizon Attracts Attackers With Millions of Unmasked Customers Details

According to the report of HotHardware, Verizon, a U.S. telco giant, affirmed that the private info of its six million end-users had been unmasked, potentially making the details attractive to attackers.

UpGuard, a reputable cyber security corporation, unearthed the loophole in June. The corporation said the uncovered records were tied to an Israel-based firm called NICE systems, which handles Verizon’s support calls.

Surprisingly, NICE Systems failed to apply sufficient security safeguards to the six months worth of customer records. Rather than configuring its Amazon S3 server to private mode, the firm erroneously left the cloud storage settings to public mode, potentially making the data easily accessible to any individual with dangerous motives.

The unmasked records only consist of customers names, phone details, and PIN numbers NICE Systems utilizes to verify the private records of callers requesting for support. Although Verizon reassured the public that hackers retrieved none of the confidential info, the damage could have been extensive were it to get into the wrong hands.

Nice Systems termed the security breach as a case of “employee error” and placed the blame entirely on a fat-fingered employee who failed to configure properly the cloud storage service. UpGuard briefed the relevant authority about the loophole on June 13, but it took about a week to make the changes.

This latest incident follows a recent trend where sensitive data has been left attractive to unauthorized penetration due to poorly configured cloud storage settings. Besides the massive voters’ details that was leaked in June, in early July, attackers penetrated WWE cloud database and leaked details of 3 million fans.

Once more, this huge Verizon data leak affirms the need to uphold high-level security standards, especially when working with third-party service providers.

Read more here.

Comments are closed.