On Wednesday, the company Verizon made the official announcement that, because of a security setting that was wrongly configured, personal data belonging to about 6 million people leaked on the internet. Cybersecurity company UpGuard is the one that actually discovered this breach which was reportedly caused by a person, not a computer error. That wrongly-configured setting allowed for the customers’ names and even important PIN codes to become public online, for anyone to access. Even if Verizon assured everyone that nobody stole any of the information, UpGuard said that the data breach could have affected about 14 million people. They are the same firm which revealed that voter data leak back in June, during the presidential election.
Verizon and a data breach
It’s worth noting that customers use these PIN codes which became available online to confirm their identity when they call the company’s customer service. UpGuard discovered the problem through one of its researchers. He managed to find out about a certain NICE Systems company which has its base somewhere in Israel. Verizon is reportedly working with them to make customer service more accessible to people. The data which leaked online was from the past six months. It’s worth noting that the cybersecurity firm announced Verizon that they had an issue on June 13. Only on June 22 the company managed to deal with it and close it.
The entire problem came from a security setting that NICE Systems put on public instead of putting it on private. So, the data Verizon had on cloud suddenly became public online because of that setting. According to Dan O’Sullivan, a Cyber Resilience Analyst with UpGuard, the fact that some of the PIN codes became public is very concerning. Some people can use them to gain access to the person’s phone service. They would only need to convince an agent from customer service that they’re indeed the owner of the account.
A very serious issue
Experts are strongly advising Verizon customers to quickly change their PIN codes. Also, to try and use a different one each time. They are also saying that this should come as a very strong proof. There are many other people who have access even to our supposedly secure data.
Image source: flickr