cyber Breach

Verizon

Aug 13, 2022 1 min read
Verizon

A hacker obtained a database that included the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees.

The hackers confirmed that gained access to a Verizon internal tool that shows employee’s information, and wrote a script to query and scrape the database after convincing a Verizon employee to give them remote access to their corporate computer.

The hackers demanded $250,000 as a reward for not leaking their entire employee database.

Source: https://www.vice.com/en/article/wxdwxn/hacker-steals-database-of-hundreds-of-verizon-employees

TPRM report: https://scoringcyber.rankiteo.com/company/verizon

"id": "ver31211822",
"linkid": "verizon",
"type": "Breach",
"date": "05/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Telecommunications',
                        'name': 'Verizon',
                        'type': 'Telecommunications Company'}],
 'attack_vector': 'Social Engineering, Remote Access',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 'Hundreds',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Full Name',
                                              'Email Address',
                                              'Corporate ID Numbers',
                                              'Phone Number']},
 'description': 'A hacker obtained a database that included the full name, '
                'email address, corporate ID numbers, and phone number of '
                'hundreds of Verizon employees. The hackers confirmed that '
                'they gained access to a Verizon internal tool that shows '
                'employee’s information, and wrote a script to query and '
                'scrape the database after convincing a Verizon employee to '
                'give them remote access to their corporate computer. The '
                'hackers demanded $250,000 as a reward for not leaking their '
                'entire employee database.',
 'impact': {'data_compromised': ['Full Name',
                                 'Email Address',
                                 'Corporate ID Numbers',
                                 'Phone Number'],
            'systems_affected': ['Internal Tool']},
 'initial_access_broker': {'entry_point': 'Remote Access'},
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'Social Engineering, Lack of '
                                           'Employee Awareness'},
 'ransomware': {'ransom_demanded': '$250,000'},
 'threat_actor': 'Unspecified Hacker',
 'title': 'Verizon Employee Database Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human Factor'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.