Info of 1.5M Verizon Customers ‘Posted For Sale Online’

Verizon Communications Inc said an attacker had exploited a security vulnerability on its enterprise client portal to steal contact information of a number of customers.

The company said the attacker however did not gain access to Customer Proprietary Network Information (CPNI) or other data.

CPNI is the information that telephone companies collect including the time, date, duration and destination number of each call and the type of network a consumer subscribes to.

Krebs On Security, which first broke the news of the breach, said a member of a underground cybercrime forum had posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.

The seller priced the entire package at $100,000, but offered to sell it off in parts of 100,000 records for $10,000 apiece, Krebs added.

The vulnerability, which was investigated and fixed, did not leak any data on consumer customers, Verizon said in a statement on Thursday.

The company is currently notifying customers impacted by the breach.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s