Privacy Ninja

Verizon Digital Carrier Visible Customer Accounts Were Hacked

Verizon Digital Carrier Visible Customer Accounts Were Hacked

Visible, a US digital wireless carrier owned by Verizon, admitted that some customer accounts were hacked after dealing with technical problems in the past couple of days.

The announcement was made on Visible’s official sub-reddit by an employee who said the company is investigating an incident that led to a small number of accounts being breached.

As the post mentions: “We’re currently investigating an incident where information on a small number of member accounts was changed without their authorization. We’re working hard to take protective steps to secure these accountsYou should review any other accounts that share the same email, login, or password, and make any changes you determine necessary to secure those accounts.”

Also Read: PDP Act (Personal Data Protection Act) Laws and Regulation

While the company’s statement provides limited details regarding the incident, the employee advised customers to secure accounts with credentials also used with other online services hinting at a potential credential stuffing attack.

The affected users noticed suspicious activity on their accounts and some report fraudulent card charges too, but they all claim inability to access the accounts and reset their passwords.

User complaining about Visible's inapplicable protection guidelines
User complaining about Visible’s inapplicable protection guidelines
Source: Reddit

Users are also dealing with a privacy breach, as the account dashboards contain sensitive personal details like names, home addresses, and payment details.

Unfortunately, any payment methods added to the account cannot be removed, and only new ones may be added. The old methods can be deleted after a new one has been added, verified, and selected as primary.

In the context of a data breach, this procedure is cumbersome and unhelpful in remediating the situation.

Visible says there was no breach

Visible says that none of its systems have been breached by hackers and advises customers to change their password and security questions out of an abundance of caution.

Although the firm presents this as a limited-scope incident, the fact that the official Twitter handle of Visible’s support has admitted technical issues with the chat platform is raising suspicions.

Members trying to reach us – we’re currently experiencing technical issues with our chat platform and are unable to make any changes to your account. We’re addressing this issue immediately. Please bear with us while our team rectifies the situation.

-Visible— Visible Care (@visiblecare) October 13, 2021

The above was posted a few hours ago, while the security update notice on Reddit came on Monday. This means that whatever is plaguing the services of Visible appears to be persistent and still ongoing.

Also Read: What Does Resolution Of Data Really Means

We have reached out to Verizon for a clarifying statement, but we have not heard back yet.

One crucial point raised by a large number of Visible users is the absence of two-factor authentication as a security option for protecting their accounts.

While 2FA isn’t the ultimate form of security, especially the SMS-based one, it could have provided effective protection against a mass-scale credential stuffing attack, assuming that this is what’s going on.

Outsourced DPO – It is mandatory to appoint a Data Protection Officer. Engage us today.

PDPA Training (SkillsFuture Eligible) – Empower data protection knowledge for your employees.

Vulnerability Assessment Penetration Testing – Find loopholes in your websites, mobile apps or systems.

Privacy Ninja provides GUARANTEED quality and results for the following CORE SERVICES:

DPO-As-A-Service (Outsourced DPO Subscription)
Vulnerability Assessment & Penetration Testing (VAPT)
PDPA Obligations for Organizational Compliance (SkillsFuture Credit Eligible)

OTHER SERVICES:

PDPA Compliance Audit
Dig
ital Transformation Consultancy
Data Protection Trustmarks Certification Readiness Consultancy

PDPA Data Protection Software
Smart Contract Audit

LIKE & SUBSCRIBE:
Facebook
LinkedIn
Twitter
YouTube
Podcast

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Powered by WhatsApp Chat

× How can we help you?