Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Verizon staffer leaks data of over 63,000 workers

US telecommunications giant Verizon has disclosed a data breach that exposed the sensitive data of over half of its employees.

user icon Daniel Croft
Wed, 07 Feb 2024
Verizon staffer leaks data of over 63,000 workers
expand image

The breach occurred on 21 September last year but was only discovered months later on 12 December, according to a release by the Office of the Maine Attorney General.

The breach resulted from a company employee gaining unauthorised access to sensitive data belonging to 63,206 Verizon staff, over half of the company’s approximate 117,000.

“Verizon recently discovered that an employee inappropriately handled a file containing certain personal information about some Verizon employees,” Verizon spokesman Rich Young told Cyber Daily.

============
============

“At this point, we have no reason to believe the information was improperly used or that it was shared outside of Verizon.

“We are notifying the affected employees and applicable regulators about the matter. Our internal review of this matter continues.

“There is no indication of malicious intent, nor do we believe the information was shared externally.”

The exposed data, while varying from employee to employee, includes:

  • Full name
  • Date of birth
  • Gender
  • Physical address
  • National ID
  • Social Security Number (SSN)
  • Compensation info
  • Union affiliation

As of today (7 February 2024), the company has begun notifying the affected employees, informing them that there is no evidence that the data has been used maliciously.

“At this time, we have no evidence that this information has been misused or shared outside of Verizon as a result of this issue,” the company told staff in its employee breach notification.

“We are working to ensure our technical controls are enhanced to help prevent this type of situation from reoccurring and are notifying applicable regulators about the matter.”

Verizon also said that staff would be offered two years of identity protection and credit monitoring services through Allstate Identity Protection. It also reminded staff that they are entitled to one free credit report annually.

While there is currently no evidence of the staff data being misused, Cyber Daily has observed a user advertising access to Verizon’s systems online.

As seen through the FalconFeeds threat feed, a user by the name of sam_squirrel posted to the infamous Exploit forum, saying that they were selling access to the company’s systems.

“I can provide full unrestricted access to VZW corporate network,” said the user on 13 November 2023, the same day he signed up to the forum.

“The offer includes:

  • Virtual machine image configured to pass authentication + post auth posture assessment on Pulse/Ivanti
  • Vzweb employee directory scrape (300k employees, international), sorted by job position includes phone numbers, email addresses, supervisors name, work location and slack IDs
  • Web exploit to bypass OPT auth on Omni as a sales rep (not needed for GM logins).”

The user priced the access at $100,000 worth of the Monero (XMR) cryptocurrency, which is often used by hackers selling data due to its anonymity.

Currently, there is no established connection between the two instances. Cyber Daily has reached out to Verizon and will provide updates as the story develops.

Update: 07/02/2024: Verizon has said the forum post advertising access to its systems is fake.

“A fraudster has been claiming in online forums to have gained unauthorised access to some Verizon customer or employee data, including usernames, emails and account passwords,” the company told Cyber Daily.

“Verizon takes our commitments to customer security very seriously, and we immediately launched a review of these claims. We found no evidence that customer or employee data has been compromised by this threat actor.

“In addition, as always, we encourage customers to secure their accounts with strong, unique passwords and to contact us if they notice anything suspicious in their account.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.