Published: Fri, July 14, 2017
Sci-tech | By Jackie Newman

Verizon claims data breach report was overblown

Verizon claims data breach report was overblown

Another day, another security breach: researchers at UpGuard have revealed that Verizon suffered a fairly massive data leak, exposing personal information on millions of customers.

The exposed PIN codes could be problematic because this is an opportunity for undesirables to call in to Verizon posing as a customer and then would be able to verify that they are indeed the customer calling in when a service center agent takes their call. The data was part of a demo system for that project.

The security firm said the files were discovered on an unprotected Amazon Web Services (AWS) database on 8 June but that the issue was not fully resolved until weeks later, on 22 June 2017. UpGuard has declined to comment on how the Verizon data leaks were discovered. If these were mobile phone numbers, they could have allowed potential attackers access to customers' Verizon accounts.

Verizon later confirmed the breach but downsized the figure of affected customers to more than six million.

"Verizon is committed to the security and privacy of our customers". The temporarily compromised data was tied to NICE Systems, a company in Israel that was assisting Verizon with customer support calls. UpGuard informed Verizon of its findings on June 13, O'Sullivan said.

Google, Facebook, Whats App soon Provides the Facility to Pay
Not wishing to give any timeline for the RBI approval to come, Hota said they will also have to look apart from technical things. According to Hota, there are 50 banks who are members of UPI and out of them, 37 have developed their own UPI applications.

Verizon said in an official statement that the "overwhelming majority of information in the data set has no external value".

Nice attributed the mix-up to "human error" involving an "isolated staging area with limited information", Los Angeles Times reported Wednesday. Sophisticated state actors, looking for, say, information on government workers, were of particular concern, he added.

It's clear that Verizon didn't really learn much from the Yahoo breaches, or they would have immediately cut off all third-party vendor access to mission-critical data.

As a media outlet recently reported, an employee of one of our vendors put information into a cloud storage area and incorrectly set the storage to allow external access.

"In relation to this specific case, there are technologies available today that could have quickly, easily and cost effectively ensured appropriate configuration of the cloud service, denied unauthorised access, and encrypted the sensitive data at rest". "The fact that no data may have been downloaded doesn't minimize the risk of instances such as this", said John Gunn, chief marketing office for VASCO Data Security.

Like this: