Published By : 13 Jul 2017 | Published By : QYRESEARCH
Verizon has confirmed the breach of six million customer records after being compromised by partner Nice Systems that facilitates customer service calls. The records had been accessed by a Nice Systems employee who controlled an Amazon S3 storage server that was unprotected. Residential customer logs of calls to Verizon customer service for the past six months had been accessed to collect information about Verizon account balance, email, home address, account PIN, mobile number, and name of customers. Theoretically, the information could have been used to grant access to customer accounts through impersonation of actual account holders.
Misconfigured Security Setting on Amazon S3 to Blame for
It has been reported that Verizon’s customer data breach had taken place due to a misconfigured security setting on the Amazon server. In this regard, it has been anticipated that anybody could have accessed the records by downloading the files after knowing the web address. However, Verizon has said that no other external party had access to the information, denying the occurrence of any theft or loss of customer data.
Verizon Data Breach First Noticed by UpGuard Cyber Risk Analyst
While Verizon and Nice Systems are still investigating the breach, the latter has refused to elaborate more on the incident after mentioning that the data was “part of a demo system.” It was UpGuard researcher, Chris Vickery who quietly informed the mobile carrier that its data had been compromised on June 13. Nine days after, on June 22, the data was finally secured.
Last year, Verizon had faced a breach of its enterprise unit data, which was put on online sale by the hackers. The unit provides IT services to several companies. In 2015, data of 15 million T-Mobile customers was exposed on account of a breach at Experian, a data broker.