March 25, 2016

Share Everywhere

Verizon’s Enterprise Unit Suffers Major Data Breach

Verizon Enterprise Solutions, a division of Verizon known for providing IT services to businesses and government agencies around the world, has had their systems compromised by hackers who stole the information of about 1.5 million customers. Verizon Enterprise usually helps Fortune 500 companies respond to data breaches — even regularly publishing data breach investigation reports — but cybersecurity journalist Brian Krebs of KrebsOnSecurity recently discovered customer data for sale in a “closely guarded underground cybercrime forum.”

The seller was allegedly a “prominent member” of the forum and was promoting contact information for about 1.5 million Verizon Enterprise customers for $100,000; the option to purchase 100,000 records for $10,000 each was also offered. In addition, the anonymous individual was selling information about vulnerabilities in Verizon’s website.

Krebs contacted Verizon Enterprise about what he found online and the company acknowledged that they had recently identified the security flaw in its website and they were working to notify customers that may have been affected. Fortune and Krebs both received the same canned e-mail response from a Verizon spokesperson that read:

“Verizon recently discovered and remediated a security vulnerability on our enterprise client portal. Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible.”

Though the company admits a breach occurred, they have not yet explained how it happened, who is responsible, or the exact number of customers who were affected.

In his post about the breach, Krebs noted that if thieves do purchase some or all of the Verizon customer data, those individuals will be “easy marks for phishing and other targeted attacks.”

Any Verizon Enterprise customers who have not been contacted by the company yet should reach out to them directly with any questions or concerns.

Judy Leary

President at IdentityForce
For Judy, identity theft protection is in her DNA—her dad started IdentityForce’s parent company in the 70s, and in the 80s, she and her brother came on board. She loves her dedicated team and how much they care about every member, partner, and supplier. In addition to protection against identity theft, Judy is passionate about travel (Aruba is her “happy place”!) and giving back. She volunteers for the Alzheimer’s Association, Mazie Mentoring Program, and Sunshine Golden Retriever Rescue. She’s also a proud mom to 2 grown daughters and 3 rescue dogs.

Latest posts by Judy Leary (see all)