There was a data breach in Verizon according to reports from KrebsOnSecurity but the case might not affect the entire carrier subscribers. The hackers that perpetrated Verizon database only did hack into the Verizon Enterprise Services a division tat provides services to clients from the business and government sectors.
In a later report, Brian Krebs this said a known me we of a cybercrime forum recently posted a thread selling jnfo on 1.5M enterprise customers for $100,000. He also offered to share the vulnerabilities he found on Verizon’s website for a price.
The company confirmed to Krebs that it discovered and fixed a vulnerability on its enterprise portal, but not before an attacker got through and stole basic contact information. Verizon didn’t elaborate on how the hacker got in, but the spokesperson said that “no customer proprietary network information (CPNI) or other data was accessed or accessible.”
If only basic contact info was stolen, those customers won’t have to worry about identity theft or credit card fraud. However, the real worry here is that this could be a source for targeted attacks/phishing that turn into the next cryptolocker or leaked W-2 mess.
Source: KrebsOnSecurity, Engadget