Wednesday, 15 August 2018
Latest news
Main » Including phone numbers and PINs - exposed by vendor

Including phone numbers and PINs - exposed by vendor

13 July 2017

Vickery told CNN that the data were exposed by NICE Systems, a company based in Israel that Verizon was working with to facilitate customer service calls.

An security firm revealed on Wednesday that information on as many as 14 million Verizon accounts was exposed on an unsecured server.

The data was downloadable by anyone with the easy-to-guess web address.

The data repository "was totally publicly accessible, anyone entering a URL in a browser would have been able to access it", said Dan O'Sullivan, cyber-resilience analyst with UpGuard, the Mountain View, Calif. company that found the data.

Bucks DA: Person of interest arrested in case of missing men
While the bulk of the investigation has focused on the Solebury Township farm, the authorities have also searched the home of Mr. Weintraub declared Cosmo DiNardo , the 20-year-old son of the property owners, to be a "person of interest" in the case.

Chris Vickery, director of cyber risk research at UpGuard, has discovered more sensitive information exposed on an unprotected "bucket" on an Amazon AWS server.

"But it's equally suspicious is that this company with close government ties, a history of phone cracking and of supporting surveillance, would have ungoverned access to sensitive data and treat security so casually". A PIN is the Holy Grail for hackers as they can easily access online accounts such as emails and banking and impersonate customers.

The details were stored in log files, which were recorded and analyzed by Nice.

Verizon subscribers be warned: a security risk has left millions of customer records exposed.

MLB All-Star Game 2017: Starting lineups and how to watch
Get prep sports breaking news alerts from the Gwinnett Daily Post staff delivered to your email. Harper certainly enjoys hitting at Citizens Bank Park, something he's said in years past.

Each record included the customer's name, mobile number, and account PIN, along with their home address, email address, and their Verizon account balance. But most of the customer records are in part or entirely visible. It could even allow someone to bypass two-factor authentication and hijack any call or text sent to the customer. He called it "the latest in a series of disturbing data breaches".

NICE Systems technology is used in Verizon's back-office and call center operations. In addition to customer engagement, the company's crime and compliance unit provides fraud prevention, brokerage compliance, and enterprise-wide case management services for financial institutions and regulatory authorities. The third party did not properly set up their security systems, leading to vulnerabilities. "Companies like Verizon must insist that third party vendors like Nice protect their customer data as they move it to the public cloud". "Unfortunately, the vendor's employee incorrectly set their AWS storage to allow external access".

Experts are strongly advising Verizon customers to quickly change their PIN codes.

Fed sees limits to interest rate rises
The Fed's " Monetary Policy Report", presented twice a year, cited a number of reasons to be optimistic about the economy. The government reported Friday that employers added a bigger-than-expected 222,000 jobs in June, the most in four months.

Including phone numbers and PINs - exposed by vendor