A huge data leak at Verizon Wireless exposed millions of customer records, but the company blamed an outside vendor for the breach. The FOX Business Network's Tracee Carrasco reported, "Names, addresses, phone numbers and, in some cases, the security pins of millions of Verizon customers publicly exposed online by one of the company's vendors, Nice systems, based in Israel." Verizon Wireless was informed of the breach, which was discovered by a researcher from software security firm UpGuard, in late June. According to reports from ZDNet.com, "An employee of Nice Systems put information into a storage cloud area and incorrectly set the storage to allow external access," said Carrasco According to the report, Carrasco said, "As many as 14 million customers were found on unsecured storage controlled by Nice Systems. Now, Verizon says that number is closer to six million customers."
Verizon Enterprise, a bulwark against cyberattacks at many large organizations, has suffered a security breach itself. A flaw in the company's systems allowed an attacker to steal contact information on Verizon Enterprise customers, the company acknowledged Thursday. Verizon said it has fixed the flaw and is notifying those users, but it hasn't disclosed how many were affected. The intruder couldn't get to any customer proprietary network information, Verizon said, referring to data such as call records and billing information. The breach came to light Thursday in a post on the blog Krebs on Security.
Investors started worrying Friday that a massive security breach disclosed by Yahoo Inc. YHOO -3.06 % could impact the internet company's 4.8 billion deal to sell its core business to Verizon Communications Inc. VZ 0.40 % The breach, which Yahoo blamed on a state-sponsored actor, occurred two years ago but was discovered after the merger deal was signed. Verizon said it learned of the problem this week and was reviewing the situation. The telecom company is waiting to see how the breach affect's Yahoo's business in coming weeks before deciding its next steps, a person familiar with the matter said. Verizon was displeased by how long it took Yahoo to notify the company about the breach, this person said. Verizon isn't conducting its own independent investigation since the deal hasn't yet closed, the person said.
Hackers stole information from about 500 million users from Yahoo, the company has confirmed. News of a possible major attack on Yahoo emerged in August when a hacker known as "Peace" was apparently attempting to sell information on 200 million Yahoo accounts. "What is noticeable here is that this breach is massive," said Nikki Parker, vice-president at security company Covata. The scale of the hack eclipses other recent, major tech breaches - such as MySpace (359 million), Linkedin (159 million) and Adobe (152 million).
In a study of over 53,000 security incidents including 2,300 confirmed data breaches across 65 countries, Verizon has unveiled its 2018 Data Breach investigation report (DBIR). The report revealed that data breaches have risen significantly in this past year, with 39% of respondents having reported malware-related breaches – double that of last year's Verizon DBIR. Further, interestingly, the report found that these attacks often go undetected for prolonged periods of time, with over two thirds (68%) of companies having taken months or even years to discover breaches, despite it taking just minutes to compromise sensitive data in 87% of attacks. "Businesses find it difficult to keep abreast of the threat landscape and continue to put themselves at risk by not adopting dynamic and proactive security strategies," says George Fischer, President of Verizon Enterprise Solutions. Rashmi Knowles, EMEA Field CTO of RSA Security argues that companies failing to invest and update their security strategies will continue to be susceptible to common and growing cybercrime, such as identify theft, with stolen credentials being the most successful attack method according to this year's DBIR.