On Thursday, security researchers revealed that more than 1.5 million Verizon Enterprise customers are vulnerable.
According to KrebsOnSecurity, a "prominent member of a closely guarded underground cybercrime forum" offered up a database containing the personal information of around 1.5 million Verizon Enterprise users for $100,000 earlier this week. The seller also offered to sell the data in chunks of 100,000 for $10,000. In response to the report, the company said, "Verizon recently discovered and remediated a security vulnerability on our enterprise client portal. Our investigation, to date, found [that] an attacker obtained basic contact information on a number of our enterprise customers. No customer proprietary network information (CPNI) or other data was accessed or accessible." Verizon is working to notify affected Verizon Enterprise customers but has not revealed how many users were hit by this attack.
While this is alarming, Verizon Wireless customers do not need to be concerned regarding this breach. The attack targeted Verizon Enterprise Solutions, not Verizon Wireless. Verizon's enterprise clients include some 99% of Fortune 500 companies and several government bodies, making this list worth its black market price. If criminals got their hands on this data, some of the customers could be vulnerable to phishing or other targeted attacks. Verizon is known for its cybersecurity prowess, so this breach is a major hit to its reputation. Verizon has not commented on how this breach took place at this time, but it is a reminder that not even a top security firm is immune to hackers.
Photo: © iStock.