Total Wireless Customers Impacted by Third-Party Data Breach via Veriff
A recent data breach has exposed the personal information of 8,583 Total Wireless customers, stemming from a compromise at Veriff, the company’s third-party identity verification provider. The incident was disclosed after Veriff notified Total Wireless of unauthorized access on December 10, 2025.
The breach involved images of government-issued IDs submitted by users during a promotional identity verification process, with some records also containing postal addresses and dates of birth. Total Wireless, a prepaid mobile carrier under Verizon’s ownership, confirmed that its own systems remained unaffected but reported the incident to law enforcement.
Veriff, a global provider of AI-powered identity verification, stated it secured its systems, launched an investigation, and engaged a cybersecurity firm to mitigate the fallout. While the attack’s nature and perpetrators remain unidentified with no evidence of ransomware or public data leaks Total Wireless is offering affected customers a one-year subscription to Experian IdentityWorks, including credit monitoring and fraud detection.
The breach highlights the risks of third-party vulnerabilities in digital identity verification processes.
Source: https://cyberinsider.com/verizon-owned-brand-total-wireless-suffers-breach-exposing-customer-data/
Veriff cybersecurity rating report: https://www.rankiteo.com/company/veriff
TotalVerify cybersecurity rating report: https://www.rankiteo.com/company/totalverify
"id": "VERTOT1768240241",
"linkid": "veriff, totalverify",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '8,583',
'industry': 'Telecommunications',
'location': 'United States',
'name': 'Total Wireless',
'type': 'Prepaid Mobile Service Provider'},
{'industry': 'Cybersecurity/Identity Verification',
'location': 'Global',
'name': 'Veriff',
'type': 'Identity Verification Provider'}],
'attack_vector': 'Third-Party Compromise',
'customer_advisories': 'Affected customers offered one-year subscription to '
'Experian IdentityWorks (credit monitoring, identity '
'restoration, fraud detection)',
'data_breach': {'file_types_exposed': ['Images'],
'number_of_records_exposed': '8,583',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Government-issued ID images',
'Postal addresses',
'Dates of birth']},
'date_detected': '2025-12-10',
'description': 'A data breach compromised the personal information of 8,583 '
'Total Wireless customers due to a compromise of its '
'third-party identity verification provider, Veriff. The '
'exposed data includes images of government-issued IDs, postal '
'addresses, and dates of birth.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to Total '
'Wireless and Veriff',
'data_compromised': 'Personal information including '
'government-issued ID images, postal '
'addresses, and dates of birth',
'identity_theft_risk': 'High',
'systems_affected': 'Third-party identity verification provider '
'(Veriff)'},
'investigation_status': 'Ongoing',
'recommendations': 'Customers advised to remain vigilant, review credit '
'reports, and report suspicious activity',
'references': [{'source': 'CyberInsider'}],
'response': {'communication_strategy': 'Disclosure letters sent to affected '
'customers, offering credit monitoring '
'services',
'containment_measures': 'Veriff secured its systems',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Investigation of root cause and '
'mitigation efforts',
'third_party_assistance': 'Cybersecurity firm engaged by Veriff'},
'title': 'Total Wireless Customer Data Breach via Third-Party Provider Veriff',
'type': 'Data Breach'}