Save this content for laterSave this content on your device for later, even while offline Sign in with FacebookSign in with your Facebook account Close

Why you should change your Verizon PIN right now

By: alex schiffer The Washington Post
July 16, 2017 Updated: July 16, 2017 at 1:00 pm
0

Verizon confirmed Wednesday that data belonging to 6 million customers was leaked online in June. News of the incident was first reported by ZDNet.

In a statement on the company's website, Verizon said the leak was caused by an employee of one of the company's vendors who accidentally allowed external access to information put in a cloud storage area. ZDNet reported that the data was leaked on an unprotected Amazon S3 storage server. This made the data available to anyone who had the public link to the cloud. Amazon didn't respond to a request for comment.

A limited amount of personal information, such as some phone numbers and PINs, were included in the data, but it didn't include Social Security numbers or voice recordings, Verizon said. The PIN numbers are used to authenticate a caller phoning into the wireline call center and can't be used to access customer accounts online, the statement said.

No customer information was lost or stolen, because the storage area was accessible only to Verizon; the vendor, Israel-based NICE Systems; and the researcher who flagged the leak, according to the statement.

That researcher was Chris Vickery, who worked for the cybersecurity firm UpGuard. Vickery also discovered earlier this year that some information of nearly 200 million voters was exposed by a data firm working for Republican Party clients. That information was also on an Amazon server.

According to CNN, Vickery privately alerted Verizon to the issue on June 13. The security hole was sealed June 22.

Although Verizon said that the PINs alone can't help access online accounts, Hemu Nigam, a cybersecurity analyst at SSP Blue, said he would still advise customers to change their PINs because they could give people access to other accounts they use.

"The unfortunate part is if you use that PIN, you're probably using a similar PIN for other situations, so once I have that I can test that PIN on other things," he said. "Verizon's relationship with the customer is not at risk, but the customer is now at risk in other aspects of their lives."

Register to the Colorado Springs Gazette
Incognito Mode Your browser is in Incognito mode

You vanished!

We welcome you to read all of our stories by signing into your account. If you don't have a subscription, please subscribe today for daily award winning journalism.

Register to the Colorado Springs Gazette
Subscribe to the Colorado Springs Gazette

It appears that you value local journalism. Thank you.

Subscribe today for unlimited digital access with 50% fewer ads for a faster browsing experience.

Already a Subscriber? LOGIN HERE

Wake up with today's top stories in your inbox

Wake up with today's top stories in your inbox

Already a print subscriber?
Already a digital subscriber?
 
This is your last FREE article for the month
This is your last FREE article for the month

Subscribe now and enjoy Unlimited Digital Access to Gazette.com

Only 99 cents for Unlimited Digital Access for 1 month
Then $2.31/week, billed monthly, cancel anytime
Already a print subscriber?
Already a digital subscriber?

 
You have reached your article limit for the month
You have reached your article limit for the month

We hope that you've enjoyed your complimentary access to Gazette.com

Only 99 cents for Unlimited Digital Access for 1 month
Then $2.31/week, billed monthly, cancel anytime
Already a print subscriber?
Already a digital subscriber?

 
articles remaining
×
Thank you for your interest in local journalism.
Gain unlimited access, 50% fewer ads and a faster browsing experience.