The vulnerable database was discovered by Chris Vickery, director of cyber risk for UpGuard. Held in the storage were logged files of Verizon communications between customers and the company’s customer service department. 14 million separate customer records were held in the database. Among the details were cell numbers, accounts PINs, names, and addresses. Important, the PIN number would potentially allow any hacker to breach an account security easily. Verizon was reportedly told about the vulnerability in June. Since then, the company and Nice Systems have secured the system, but is seems to have taken over seven days to do that.
Third-Party Data Access
Considering Verizon is known to have close ties to government agencies, the breach is worrying. Perhaps more importantly is the fact many customers would not have known their data is seen by a third-party company. Vickery says, while not an uncommon practice, it is something most users may not realize happens: “The prospect of a host of your applications and digital accounts being compromised from one third-party vendor’s exposure of data is not science fiction, but the unfortunate reality of cyber risk today. The data exposed in the Verizon/NICE Systems cloud leak is, indeed, a testament to how profoundly every aspect of life today is touched by those systems to which we impart so much knowledge.” Since the discovery, Verizon has confirmed there was a vulnerability that has since been shored up. The company adds that six million customer accounts were open, not the reported 14 million.
