Records of millions of Verizon subscribers were unprotected online

A cybersecurity researcher first noticed the issue – though Verizon said the number of people affected is "overstated."

Data for millions of Verizon users was left unprotected on the internet recently, allowing anyone who knew the web address to access the records.

The sensitive information was first discovered by UpGuard, with the site's Director of Cyber Risk Research Chris Vickery finding the data on Amazon Web Services cloud storage.

UpGuard said names, account details, addresses and verification PIN numbers were all vulnerable.

This data was not being stored directly by Verizon. Instead, it was handled through a third-party vendor called NICE Systems, an international company that does back-end business data and security work.

According to ZDNet, the customer data was from people who had called a customer service line in the past six months.

Verizon confirms – but says no customer info was stolen

Verizon in a news release confirmed that yes, customer data was left semi-out in the open on a server. But the company stressed that there's no record of anyone accessing the data aside from Verizon, NICE Systems, and the researcher who brought the issue to the company's attention.

"In other words, there has been no loss or theft of Verizon or Verizon customer information," the release said.

The company also takes issue with what exactly was vulnerable. Verizon claimed most of the info didn't have any value to people, though admitted there was "a limited amount of personal information" there. No Social Security numbers or voice recordings were stored on the server, however.

Verizon also said there was a "limited number" of cell phone numbers there, and the PINs could only be used when someone called the help center to verify their identity – they don't allow online account access or anything.

UpGuard initially said the personal information of up to 14 million people was vulnerable, but Verizon called that "overstated," and pegged the figure at about 6 million "unique customers."

"Verizon is committed to the security and privacy of our customers. We regret the incident and apologize to our customers," the response concluded.

UpGuard, though, said the entire incident – even if nothing was taken – is a "potent example of the risks of third-party vendors handling sensitive data." Basically, if some other company has your important data, it's only as secure as that company makes it.

That's what reportedly led to the Target data breach in 2014. Cybersecurity writer Brian Krebs said the hackers gained access to Target’s network using credentials stolen from a Pennsylvania refrigeration company that has worked at a number of Target locations.

Next Up

ISSAboveYou - Duluth North Shore - Oct 18 2021

Watch: Mille Lacs, Duluth captured in stunning video from ISS

The space station provides a vantage point 260 miles above the Earth's surface.


Ladies and gentlemen, The Weeknd has canceled his St. Paul show

He's made changes to his 2022 tour that involves scrapping his Xcel Energy Center gig.

Pixabay - police lights, tape

Man released from custody after admitting to fatal shooting in ND

Authorities said there is no threat to the public.


MN water tower in the running for Tank of the Year

It was the only water tank to receive more than 5,000 votes.

first snow

Any sign of snow in the forecast for Minnesota?

The stars could align for some flurries in northern Minnesota this week, but that's about it.

Flickr - 14 year old vaccine shot - Navy Medicine

Walz announces $200 reward for kids 12-17 who get COVID shots

Those ages have the lowest vaccination rates among all eligible age groups.

Screen Shot 2021-10-15 at 10.01.55 PM

Police still searching for suspect who opened fire at Plymouth movie theater

It sparked a partial evacuation of the Emagine Willow Creek theater.

covid, vaccine

Minnesota's COVID-19 update for Monday, October 18

Hospitalizations have surpassed 1,000 in the latest update.


Do you know when Uber is tracking your location?

We know apps collect data about us. But how much, and how is it being used?

Netflix remembers every time you pause a show (and a lot of other info)

It sees you when you're binging. It knows when you hit pause.

WikiLeaks leak claims CIA can get past phone encryption, hack into Smart TVs

This leak of more than 8,000 files has not been authenticated – though it appears legitimate.

2 major security flaws are affecting millions of phones, computers – here's what you should do

And you probably have a device that's at risk. Here's what you should do about it.

How Mall of America is using data it gets from shoppers on the free Wi-Fi

Mall of America is collecting data on the shoppers that log into its 5.6-million-square-foot Wi-Fi network.

Instagram influencers are still sneaking ads to millions of followers, groups say

What's an ad and what's not? That's often unclear on Instagram, some groups are arguing.

Facebook Messenger just made stalking your friends easier

Let your friends stare at you walking around in real-time for an hour.