Jump to content

Millions of Verizon customer records exposed in security lapse


RV_

Recommended Posts

The short version:

Excerpt:

"An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned.

As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company.

Privacy watchdogs have linked the company to several government intelligence agencies, and it's known to work closely with surveillance and phone cracking firms Hacking Team and Cellebrite. In regulatory filings with the Securities and Exchange Commission, Nice noted that it can't control what customers do with its software. "Our products may also be intentionally misused or abused by clients who use our products," said Nice in its annual report.

Chris Vickery, director of cyber risk research at security firm UpGuard, who found the data, privately told Verizon of the exposure shortly after it was discovered in late-June.

It took over a week before the data was eventually secured.

The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can "realize intent, and extract and leverage insights to deliver impact in real time." Verizon uses that data to verify account holders and to improve customer service.

Each record included a customer's name, a cell phone number, and their account PIN -- which if obtained would grant anyone access to a subscriber's account, according to a Verizon call center representative, who spoke on the condition of anonymity as they were not authorized to speak to the press."

The whole article with hot links is here:

http://www.zdnet.com/article/millions-verizon-customer-records-israeli-data/?loc=newsletter_large_thumb_featured&ftag=TRE-03-10aaa6b&bhid=19724681974700635514865380622813

 

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Reason #328 for not ever calling customer service at a cellular carrier.  The first 327 reasons have to do with their lack of knowledge and/or lack of scruples.

Everybody wanna hear the truth, but everybody tell a lie.  Everybody wanna go to Heaven, but nobody want to die.  Albert King

 

Link to comment
Share on other sites

1 hour ago, chirakawa said:

Reason #328 for not ever calling customer service at a cellular carrier.  The first 327 reasons have to do with their lack of knowledge and/or lack of scruples.

Now this made me chuckle. Thanks, 

Smitty

Be safe, have fun,

Smitty

04 CC Allure "RooII" - Our "E" ride for life!

Link to comment
Share on other sites

Quote

An Israeli technology company has exposed millions of Verizon customer records TO THE PUBLIC, ZDNet has learned.

MISSING, is the part in red.  Sensationalism can become fake news very quickly.  The "technology company" was in fact doing security research for Verizon and discovered a vulnerability.  They disclosed the vulnerability to Verizon according to other sources.  
Journalism isn't what it used to be.

 

Lance-white-sands-500.jpg

~Rich

Link to comment
Share on other sites

That was good Chirakawa.

I am frankly astounded when folks complain about privacy and then completely miss that their elected officials passed a law allowing our ISPs to see, use, and sell our online activity without consent. Here is a search page so anyone can pick whatever news they prefer to think is real or not:

https://www.bing.com/search?q=did+congress+pass+a+law+letting+my+ISP+see+where+I+go+online%3F&pc=MOZI&form=MOZLBR

This is an Internet privacy issue. I have zero trust in my ISP. They lie, bundle, send me ads for new customers as if their computers can't tell I already have their Internet service.

Then our privacy was legislated away. I would be fine with it if we can spy on our ISP executives, techs, and owners and see all their private emails and online to the same extent they can see ours. How likely is that?

Go here and see that our ISPs who just now are trying to get the restrictions on their asking for more money as highway bandits on the information highway. Example. Netflix pays for their service and can send my content to me. I pay for my unlimited data and that is it.

But now the ISPs say they can't handle the traffic but doing even cursory research shows they are spending 1/3 of what they spent in the last decade when they were building it up.

The ISPs have spent millions lobbying congress and now they have let them access our private content.

Would anyone have stood silently by if the old bell companies recorded our conversations and the USPS read all our mail?

And now the net neutrality rules are going out the window too.

Time to pick up the phones and write if you feel that is too far. Laws can be repealed. I would like the one letting ISPs snoop regulated back into being illegal. Illegal search and seizure is OK if it is an Oligarch doing it instead of the government?

The ISP needs no warrant or oversight. They have been granted free access. Imagine the future elections and the mud that will come out before people realize what is what.

It is already too late to worry about privacy as long as good people do nothing.

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...