Verizon is dealing with a data breach in which a hacker acquired access to a database containing entire names, ID numbers, email addresses, and phone numbers for corporate employees. According to Motherboard, the information is legitimate since an unnamed hacker contacted them last week and they were able to authenticate the data by calling some of the numbers.
“These employees are fools,” the hacker told Motherboard over chat. The hacker has contacted Verizon and is demanding $250,000 in exchange for not revealing the material.
“A fraudster recently contacted us threatening to expose readily available employee directory information in exchange for payment from Verizon,” a Verizon spokeswoman told Motherboard. We don’t believe the fraudster has any critical information, and we have no plans to contact him or her again. We take the security of Verizon data very seriously, as always, and have put in place rigorous safeguards to protect our personnel and systems.”
The database was accessed, according to the hacker, by employing social engineering to gain remote access to a Verizon employee’s computer. The hacker pretended to be internal support, persuaded the Verizon employee to authorize remote access, and then executed a script that copied data from the machine, according to the hacker.
The information that was stolen could still be damaging. You’ve probably dealt with the numerous departments responsible for activating your SIM card if you’ve ever had to phone a carrier for assistance. Social engineering could be used to perpetrate SIM swapping fraud if a fictitious hacker poses as an employee and spoofs their phone number with one from the database.
Attackers have used this method in the past to steal bitcoin or gain access to social media accounts through carriers such as T-Mobile and AT&T, including one belonging to former Twitter CEO Jack Dorsey.
For the latest Sci-Tech News Follow EPOST on Google News