Inside the Lines: Unraveling Verizon’s Insider Data Breach
Verizon Communications has issued a warning regarding an insider data breach affecting nearly half of its workforce, compromising sensitive employee information.
As a prominent American telecommunications and mass media corporation, Verizon serves over 150 million subscribers nationwide with cable TV, telecommunications, and internet services. With a workforce exceeding 117,000 employees and an annual revenue of $136.8 billion (as of 2022), the company stands as a significant player in its industry.
According to a data breach notification filed with the Office of the Maine Attorney General, an employee at Verizon gained unauthorized access to a file containing sensitive employee data on September 21, 2023.
Verizon became aware of the breach on December 12, 2023, almost three months later, identifying the exposure of sensitive information belonging to 63,206 employees.
The compromised data includes various personal details such as full names, physical addresses, Social Security numbers (SSNs), national IDs, gender, union affiliations, date of birth, and compensation information. Fortunately, customer information does not seem to be affected by this incident.
Verizon assures that it is actively enhancing its internal security measures to prevent similar breaches in the future. Currently, there is no evidence of malicious exploitation or widespread dissemination of the breached data beyond Verizon’s systems.
In an effort to safeguard affected individuals, Verizon is offering instructions for enrolling in a two-year identity theft protection and credit monitoring service to impacted employees.
When queried by BleepingComputer, a Verizon spokesperson confirmed the incident, stating that there is no indication of malicious intent or external sharing of the compromised information. As of now, law enforcement has not been involved, and internal investigations are ongoing.
Despite this breach, Verizon has experienced a relatively stable cybersecurity record in recent years, with its last significant incident occurring in October 2022, involving attempted SIM swaps to hijack customer accounts. While Verizon managed to thwart these attempts and reverse unauthorized changes, sensitive customer data, including partial credit card details, names, telephone numbers, billing addresses, and service-related information, was exposed.
Happy Hunting!
— j1nx
