Hacker sells data stolen from Verizon's enterprise customers
The carrier's anti-hacking task force was hacked.
Verizon suffered a data breach, according to KrebsOnSecurity, but you can breathe easy if you're just one of the carrier's subscribers. What the hacker infiltrated was Verizon Enterprise Solutions, a division that provides services to clients from the business and government sectors. Coincidentally, it's also the task force of sorts Fortune 500 companies call in when their systems get infiltrated. Brian Krebs says a well-known member of a cybercrime forum recently posted a thread selling info on 1.5 million enterprise customers for $100,000. He also offered to share the vulnerabilities he found on Verizon's website for a price.
The company confirmed to Krebs that it discovered and fixed a vulnerability on its enterprise portal, but not before an attacker got through and stole basic contact information. Verizon didn't elaborate on how the hacker got in, but the spokesperson said that "no customer proprietary network information (CPNI) or other data was accessed or accessible."
If only basic contact info was stolen, those customers won't have to worry about identity theft or credit card fraud. However, the real worry here is that this could be a source for targeted attacks/phishing that turn into the next cryptolocker or leaked W-2 mess.
