Verizon notified pay as you go prospects this week of a recent cyberattack that granted “third-party actors” entry to their accounts, as reported earlier Tuesday by BleepingComputer. The assault occurred between Oct. 6 and Oct. 10 and affected an undisclosed variety of Verizon pay as you go prospects.
The breach uncovered the final 4 digits of consumers’ bank cards used to make funds on their pay as you go accounts. Whereas no full bank card data was accessible, the knowledge was sufficient to grant the attackers entry to Verizon consumer accounts, which maintain semi-sensitive knowledge such “title, phone quantity, billing tackle, worth plans, and different service-related data,” per a notice from Verizon.
Account entry additionally probably enabled attackers to course of unauthorized SIM card adjustments on pay as you go strains. Often known as, unauthorized SIM card adjustments can permit for the switch of an unsuspecting particular person’s telephone quantity to a different telephone.
From there, the counterfeit telephone can be utilized to obtain SMS messages for password resets and consumer identification verifications on different accounts, giving attackers potential entry to any account they’ve, or can guess, the username for. Consequently, Verizon beneficial affected prospects safe their non-Verizon accounts comparable to social media, monetary, electronic mail and different accounts that permit for password resets by telephone.
In Verizon’s discover, the cell big reassured prospects that if an unauthorized SIM card change did happen, it has since been reversed. Moreover, Verizon reset the Account Safety Code (PIN) of affected prospects “in an abundance of warning.” Verizon additionally inspired prospects to create a brand new PIN code and set a brand new password and safety query.
If you happen to suspect your Verizon pay as you go account data could have been compromised, name Verizon at 877-350-7901 for additional help.
Verizon did not instantly reply to a request for remark.