Verizon

Specialists at the Kromtech Security Research Centre have uncovered a fresh Verizon breach that revealed private and delicate information on internal networks.

Server logs and internal system credentials are among the many documents that have been leaked; the vast collection of papers was discovered on an unprotected Amazon S3 bucket.

The archive appears to make reference to internal systems used by Verizon Wireless, called Distributed Vision Services (DVS). DVS is a middleware system that the business uses to transfer data from back-end systems to front-end applications that employees and staff in call centres and stores utilise.

129 Outlook messages with internal conversations within the Verizon Wireless domain were found in another folder, and other folders included secret internal Verizon information.

Source: https://securityaffairs.com/63304/data-breach/new-verizon-data-leak.html

TPRM report: https://scoringcyber.rankiteo.com/company/verizon

"id": "ver27111223",
"linkid": "verizon",
"type": "Breach",
"date": "09/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'Telecommunications',
                        'name': 'Verizon',
                        'type': 'Corporation'}],
 'attack_vector': 'Unprotected Amazon S3 bucket',
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Server logs',
                                              'Internal system credentials',
                                              'Internal conversations',
                                              'Secret internal Verizon '
                                              'information']},
 'description': 'Specialists at the Kromtech Security Research Centre have '
                'uncovered a fresh Verizon breach that revealed private and '
                'delicate information on internal networks. Server logs and '
                'internal system credentials are among the many documents that '
                'have been leaked; the vast collection of papers was '
                'discovered on an unprotected Amazon S3 bucket. The archive '
                'appears to make reference to internal systems used by Verizon '
                'Wireless, called Distributed Vision Services (DVS). DVS is a '
                'middleware system that the business uses to transfer data '
                'from back-end systems to front-end applications that '
                'employees and staff in call centres and stores utilise. 129 '
                'Outlook messages with internal conversations within the '
                'Verizon Wireless domain were found in another folder, and '
                'other folders included secret internal Verizon information.',
 'impact': {'data_compromised': ['Server logs',
                                 'Internal system credentials',
                                 'Internal conversations',
                                 'Secret internal Verizon information'],
            'systems_affected': ['Distributed Vision Services (DVS)',
                                 'Verizon Wireless domain']},
 'initial_access_broker': {'entry_point': 'Unprotected Amazon S3 bucket'},
 'post_incident_analysis': {'root_causes': 'Misconfiguration'},
 'references': [{'source': 'Kromtech Security Research Centre'}],
 'title': 'Verizon Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Misconfiguration'}

Verizon

Brown, Lisle/Cummings, Inc.

Westmoreland Mechanical Testing & Research, Inc.

Perkins & Co