According to cybersecurity blogger Brian Krebs, there were as many as 1.5 million Verizon Enterprise customers that had their contact information leaked on an underground cybercrime.
A security vulnerability, now fixed, provided an opening for the attacker, the business-to-business arm of the mobile and telecom giant told KrebsoOnSecurity. The breach involved basic contact information, not propriety network information, the company told Krebs.
Prices of the customer data ranged from US$ 10,000 to US$ 100,000, Krebs reported.
Verizon, used by almost all Fortune 500 companies, is widely known for its cybersecurity prowess, and releases an annual report on avoiding cyberthreats, Krebs wrote.
Contacted about the posting, Verizon Enterprise told KrebsOnSecurity that the company recently identified a security flaw in its site that permitted hackers to steal customer contact information, and that it is in the process of alerting affected customers.
"Verizon recently discovered and remediated a security vulnerability on our enterprise client portal," the company said in an emailed statement.
"Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible."
A security vulnerability, now fixed, provided an opening for the attacker, the business-to-business arm of the mobile and telecom giant told KrebsoOnSecurity. The breach involved basic contact information, not propriety network information, the company told Krebs.
Prices of the customer data ranged from US$ 10,000 to US$ 100,000, Krebs reported.
Verizon, used by almost all Fortune 500 companies, is widely known for its cybersecurity prowess, and releases an annual report on avoiding cyberthreats, Krebs wrote.
Contacted about the posting, Verizon Enterprise told KrebsOnSecurity that the company recently identified a security flaw in its site that permitted hackers to steal customer contact information, and that it is in the process of alerting affected customers.
"Verizon recently discovered and remediated a security vulnerability on our enterprise client portal," the company said in an emailed statement.
"Our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible."
No comments:
Post a Comment