KrebsOnSecurity claims that information that was exposed during a Verizon Enterprise Solutions security breach is accessible to cybercriminals.
Verizon Enterprise is selling the records of 1.5 million of its customers; the full archive is being offered for $100,000, but purchasers can also purchase a bundle of 100,000 records for $10,000.
Additionally, the hackers provided knowledge regarding Verizon security holes that probably made it possible to breach one of the company's systems.
Representatives from Verizon Enterprise have acknowledged the website's data breach and the existence of the vulnerability that the attackers used, which has since been addressed by the company's experts. The business stated that no further data or customer-specific proprietary network information was accessed by the hackers.
Source: https://securityaffairs.com/45629/data-breach/verizon-enterprise-portal-hacked.html
TPRM report: https://scoringcyber.rankiteo.com/company/verizon
"id": "ver1744261023",
"linkid": "verizon",
"type": "Breach",
"date": "03/2016",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '1.5 million',
'industry': 'Telecommunications',
'name': 'Verizon Enterprise Solutions',
'type': 'Telecommunications'}],
'attack_vector': 'Exploiting Security Vulnerability',
'data_breach': {'number_of_records_exposed': '1.5 million',
'type_of_data_compromised': 'Customer Records'},
'description': 'KrebsOnSecurity claims that information that was exposed '
'during a Verizon Enterprise Solutions security breach is '
'accessible to cybercriminals. Verizon Enterprise is selling '
'the records of 1.5 million of its customers; the full archive '
'is being offered for $100,000, but purchasers can also '
'purchase a bundle of 100,000 records for $10,000. '
'Additionally, the hackers provided knowledge regarding '
'Verizon security holes that probably made it possible to '
"breach one of the company's systems. Representatives from "
"Verizon Enterprise have acknowledged the website's data "
'breach and the existence of the vulnerability that the '
'attackers used, which has since been addressed by the '
"company's experts. The business stated that no further data "
'or customer-specific proprietary network information was '
'accessed by the hackers.',
'impact': {'data_compromised': '1.5 million customer records'},
'initial_access_broker': {'data_sold_on_dark_web': '1.5 million customer '
'records',
'entry_point': "Security holes in Verizon's "
'systems'},
'motivation': ['Financial Gain', 'Data Sale'],
'post_incident_analysis': {'corrective_actions': 'Vulnerability addressed by '
'experts',
'root_causes': "Security holes in Verizon's "
'systems'},
'references': [{'source': 'KrebsOnSecurity'}],
'response': {'containment_measures': 'Vulnerability addressed by experts'},
'threat_actor': 'Unknown',
'title': 'Verizon Enterprise Solutions Security Breach',
'type': 'Data Breach',
'vulnerability_exploited': "Security holes in Verizon's systems"}