Cloud Leak: How a Verizon Partner Exposed Millions of Customer Accounts
A misconfigured cloud-based file repository exposed names, addresses, account details, and account personal identification numbers (PINs) of as many as 14 million US customers of telecommunications carrier Verizon. UpGuard’s Cyber Risk team discovered this critical data repository was not exposed by the enterprise holding primary responsibility for the information, but by a third-party vendor to the enterprise.
Beyond the sensitive details of customer names, addresses, and phone numbers—all of use to scammers and direct marketers—the prospect of such information being used in combination with internal Verizon account PINs to take over customer accounts is hardly implausible.
Dan O’Sullivan, the analyst who first broke the story, will go through the details of the discovery and the significant impact of this cloud leak.